Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2021-22746 Unspecified vulnerability in Schneider-Electric products
Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position.
low complexity
schneider-electric
3.9
2021-05-26 CVE-2021-22747 Unspecified vulnerability in Schneider-Electric products
Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position.
low complexity
schneider-electric
3.9
2021-05-25 CVE-2020-13599 Incorrect Default Permissions vulnerability in Zephyrproject Zephyr
Security problem with settings and littlefs.
local
low complexity
zephyrproject CWE-276
3.3
2021-05-22 CVE-2021-1306 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cisco Identity Services Engine
A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system.
local
low complexity
cisco CWE-610
3.4
2021-05-19 CVE-2020-4765 Insecure Storage of Sensitive Information vulnerability in IBM Cloud PAK for Multicloud Management
IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2021-05-18 CVE-2021-3200 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service
local
low complexity
opensuse oracle CWE-120
3.3
2021-05-18 CVE-2020-15279 Unspecified vulnerability in Bitdefender Endpoint Security Tools 6.6.18.261
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths.
local
low complexity
bitdefender
3.3
2021-05-17 CVE-2021-32453 Missing Authentication for Critical Function vulnerability in Sitel-Sa Cap/Prx Firmware 5.2.01
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication.
local
low complexity
sitel-sa CWE-306
3.3
2021-05-14 CVE-2020-27769 In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
local
low complexity
imagemagick redhat fedoraproject
3.3
2021-05-14 CVE-2020-4811 Improper Input Validation vulnerability in IBM Cloud PAK for Security
IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject inject malicious data using a specially crafted HTTP request due to improper input validation.
network
low complexity
ibm CWE-20
2.4