Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2020-10-13 CVE-2020-25779 Unspecified vulnerability in Trendmicro Antivirus 2020
Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which an Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature.
local
low complexity
trendmicro
3.3
2020-10-09 CVE-2020-26930 Insecure Default Initialization of Resource vulnerability in Netgear Ex7700 Firmware
NETGEAR EX7700 devices before 1.0.0.210 are affected by incorrect configuration of security settings.
network
low complexity
netgear CWE-1188
3.8
2020-10-09 CVE-2020-26925 Unspecified vulnerability in Netgear Gs808E Firmware 1.7.0.7
NETGEAR GS808E devices before 1.7.1.0 are affected by denial of service.
local
low complexity
netgear
3.2
2020-10-08 CVE-2020-2291 Insufficiently Protected Credentials vulnerability in Jenkins Couchdb-Statistics
Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
local
low complexity
jenkins CWE-522
3.3
2020-10-08 CVE-2020-2297 Insufficiently Protected Credentials vulnerability in Jenkins SMS Notification 1.0.1/1.1/1.2
Jenkins SMS Notification Plugin 1.2 and earlier stores an access token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
local
low complexity
jenkins CWE-522
3.3
2020-10-07 CVE-2020-13342 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
An issue has been discovered in GitLab affecting versions prior to 13.2.10, 13.3.7 and 13.4.2: Lack of Rate Limiting at Re-Sending Confirmation Email.
network
low complexity
gitlab CWE-770
2.7
2020-10-06 CVE-2020-15239 Unspecified vulnerability in Xmpp-Http-Upload Project Xmpp-Http-Upload 0.1/0.2.0/0.3.0
In xmpp-http-upload before version 0.4.0, when the GET method is attacked, attackers can read files which have a `.data` suffix and which are accompanied by a JSON file with the `.meta` suffix.
network
high complexity
xmpp-http-upload-project
3.5
2020-10-06 CVE-2020-1905 Use of Insufficiently Random Values vulnerability in Whatsapp
Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for previously opened attachments until the opener app is terminated.
local
low complexity
whatsapp CWE-330
3.3
2020-10-06 CVE-2020-25743 NULL Pointer Dereference vulnerability in multiple products
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
local
low complexity
qemu redhat CWE-476
3.2
2020-10-06 CVE-2020-25742 NULL Pointer Dereference vulnerability in Qemu
pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.
local
low complexity
qemu CWE-476
3.2