Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-04-01 CVE-2021-26071 Cross-Site Request Forgery (CSRF) vulnerability in Atlassian products
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability.
network
low complexity
atlassian CWE-352
3.5
2021-03-30 CVE-2021-27266 Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527.
local
low complexity
foxitsoftware CWE-125
3.3
2021-03-30 CVE-2021-27265 Unspecified vulnerability in Foxitsoftware Foxit Reader
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527.
local
low complexity
foxitsoftware
3.3
2021-03-30 CVE-2021-27264 Unspecified vulnerability in Foxitsoftware Foxit Reader
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527.
local
low complexity
foxitsoftware
3.3
2021-03-30 CVE-2021-27263 Unspecified vulnerability in Foxitsoftware Foxit Reader
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527.
local
low complexity
foxitsoftware
3.3
2021-03-30 CVE-2021-27262 Unspecified vulnerability in Foxitsoftware Foxit Reader
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.1.0.37527.
local
low complexity
foxitsoftware
3.3
2021-03-26 CVE-2021-20193 Memory Leak vulnerability in GNU TAR
A flaw was found in the src/list.c of tar 1.33 and earlier.
local
low complexity
gnu CWE-401
3.3
2021-03-26 CVE-2021-20677 Unspecified vulnerability in Necplatforms products
UNIVERGE Aspire series PBX (UNIVERGE Aspire WX from 1.00 to 3.51, UNIVERGE Aspire UX from 1.00 to 9.70, UNIVERGE SV9100 from 1.00 to 10.70, and SL2100 from 1.00 to 3.00) allows a remote authenticated attacker to cause system down and a denial of service (DoS) condition by sending a specially crafted command.
network
high complexity
necplatforms
3.1
2021-03-25 CVE-2021-25366 Unspecified vulnerability in Samsung Internet 13.2.1.46
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.
low complexity
samsung
2.9
2021-03-25 CVE-2021-25351 Unspecified vulnerability in Samsung Account 10.7.07/10.8.0.4
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.
low complexity
samsung
2.4