Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-01 | CVE-2021-26071 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian products The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability. | 3.5 |
| 2021-03-30 | CVE-2021-27266 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. | 3.3 |
| 2021-03-30 | CVE-2021-27265 | Unspecified vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. | 3.3 |
| 2021-03-30 | CVE-2021-27264 | Unspecified vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. | 3.3 |
| 2021-03-30 | CVE-2021-27263 | Unspecified vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. | 3.3 |
| 2021-03-30 | CVE-2021-27262 | Unspecified vulnerability in Foxitsoftware Foxit Reader This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527. | 3.3 |
| 2021-03-26 | CVE-2021-20193 | Memory Leak vulnerability in GNU TAR A flaw was found in the src/list.c of tar 1.33 and earlier. | 3.3 |
| 2021-03-26 | CVE-2021-20677 | Unspecified vulnerability in Necplatforms products UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command. | 3.1 |
| 2021-03-25 | CVE-2021-25366 | Unspecified vulnerability in Samsung Internet 13.2.1.46 Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. low complexity samsung | 2.9 |
| 2021-03-25 | CVE-2021-25351 | Unspecified vulnerability in Samsung Account 10.7.07/10.8.0.4 Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. low complexity samsung | 2.4 |