Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-07 | CVE-2021-31467 | Unspecified vulnerability in Foxitsoftware 3D This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. | 3.3 |
| 2021-05-07 | CVE-2021-31469 | Unspecified vulnerability in Foxitsoftware 3D This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. | 3.3 |
| 2021-05-05 | CVE-2021-25317 | A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. | 3.3 |
| 2021-04-30 | CVE-2021-21544 | Improper Authentication vulnerability in Dell Idrac9 Firmware Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. | 2.7 |
| 2021-04-30 | CVE-2021-21534 | Information Exposure vulnerability in Dell Hybrid Client 1.0/1.1/1.1.01 Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. | 3.3 |
| 2021-04-28 | CVE-2021-31815 | Cleartext Transmission of Sensitive Information vulnerability in Google Google/Apple Exposure Notifications 20210427 GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity Identifiers and MAC addresses are written to the Android system log, and many Android devices have applications (preinstalled by the hardware manufacturer or network operator) that read system log data and send it to third parties. | 3.3 |
| 2021-04-27 | CVE-2021-21429 | Unspecified vulnerability in Openapi-Generator Openapi Generator OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. | 3.3 |
| 2021-04-26 | CVE-2021-29473 | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. | 2.5 |
| 2021-04-23 | CVE-2021-31403 | Information Exposure Through Discrepancy vulnerability in Vaadin Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:vaadin-server versions 7.0.0 through 7.7.23 (Vaadin 7.0.0 through 7.7.23), and 8.0.0 through 8.12.2 (Vaadin 8.0.0 through 8.12.2) allows attacker to guess a security token via timing attack | 2.5 |
| 2021-04-23 | CVE-2021-31404 | Information Exposure Through Discrepancy vulnerability in Vaadin Flow Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.13 (Vaadin 10.0.0 through 10.0.16), 1.1.0 prior to 2.0.0 (Vaadin 11 prior to 14), 2.0.0 through 2.4.6 (Vaadin 14.0.0 through 14.4.6), 3.0.0 prior to 5.0.0 (Vaadin 15 prior to 18), and 5.0.0 through 5.0.2 (Vaadin 18.0.0 through 18.0.5) allows attacker to guess a security token via timing attack. | 2.5 |