Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2024-07-29 CVE-2023-42925 Unspecified vulnerability in Apple Iphone OS
The issue was addressed with improved restriction of data container access.
local
low complexity
apple
3.3
2024-07-29 CVE-2023-42948 Unspecified vulnerability in Apple Macos
This issue was addressed through improved state management.
local
low complexity
apple
3.3
2024-07-29 CVE-2023-42949 Unspecified vulnerability in Apple products
This issue was addressed with improved data protection.
local
low complexity
apple
3.3
2024-07-29 CVE-2023-42957 Unspecified vulnerability in Apple products
A permissions issue was addressed with additional restrictions.
local
low complexity
apple
3.3
2024-07-29 CVE-2024-6984 Information Exposure Through an Error Message vulnerability in Canonical Juju
An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm.
local
low complexity
canonical CWE-209
3.8
2024-07-26 CVE-2024-41686 Unspecified vulnerability in Syrotech Sy-Gpon-1110-Wdont Firmware 3.1.02231102
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies.
local
low complexity
syrotech
3.3
2024-07-25 CVE-2024-40873 Cross-site Scripting vulnerability in Absolute Secure Access
There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.07. Attackers with system administrator permissions can interfere with another system administrator’s use of the publishing UI when the administrators are editing the same management object.
network
low complexity
absolute CWE-79
3.4
2024-07-24 CVE-2024-0231 Injection vulnerability in Gitlab
A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits.
network
low complexity
gitlab CWE-74
2.7
2024-07-24 CVE-2024-3454 Unspecified vulnerability in Csa-Iot Matter
An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the connectedhomeip SDK allows a third party to disclose information about devices part of the same fabric (footprinting), even though the protocol is designed to prevent access to such information.
low complexity
csa-iot
3.5
2024-07-23 CVE-2024-41839 Unspecified vulnerability in Adobe Experience Manager
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass.
network
low complexity
adobe
3.5