Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-08-05 CVE-2021-32002 Unspecified vulnerability in Secomea Sitemanager Firmware
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager.
local
low complexity
secomea
3.3
2021-08-05 CVE-2021-3655 Improper Input Validation vulnerability in multiple products
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1.
local
low complexity
linux redhat debian CWE-20
3.3
2021-08-02 CVE-2021-24371 Unspecified vulnerability in Carrcommunications Rsvpmaker
The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp-admin/tools.php?page=rsvpmaker_export_screen) takes an URL input and calls curl on it, without first validating it to ensure it's a remote one.
network
low complexity
carrcommunications
2.7
2021-07-25 CVE-2021-37468 Cleartext Storage of Sensitive Information vulnerability in NCH Reflect Customer Relationship Management 3.01
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.
local
low complexity
nch CWE-312
3.3
2021-07-20 CVE-2021-20478 Unspecified vulnerability in IBM Cloud PAK System 2.3
IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console.
local
low complexity
ibm
3.3
2021-07-15 CVE-2021-20499 Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
2.7
2021-07-15 CVE-2021-20523 Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
2.7
2021-07-15 CVE-2021-20534 Open Redirect vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
3.5
2021-07-15 CVE-2021-21587 Information Exposure vulnerability in Dell Wyse Management Suite
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability.
local
low complexity
dell CWE-200
3.3
2021-07-15 CVE-2021-34688 Use of Hard-coded Credentials vulnerability in Idrive Remotepc
iDrive RemotePC before 7.6.48 on Windows allows information disclosure.
local
low complexity
idrive CWE-798
3.3