Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-03-12 CVE-2021-21726 Improper Input Validation vulnerability in ZTE products
Some ZTE products have an input verification vulnerability in the diagnostic function interface.
local
low complexity
zte CWE-20
2.3
2021-03-10 CVE-2021-20668 Path Traversal vulnerability in Weseek Growi
Path traversal vulnerability in GROWI versions v4.2.2 and earlier allows an attacker with administrator rights to read an arbitrary path via a specially crafted URL.
network
low complexity
weseek CWE-22
2.7
2021-03-09 CVE-2021-20263 Unspecified vulnerability in Qemu
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU.
local
low complexity
qemu
3.3
2021-03-09 CVE-2021-27584 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
3.3
2021-03-09 CVE-2021-21493 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
3.3
2021-03-04 CVE-2021-25348 Unspecified vulnerability in Samsung Internet
Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.
low complexity
samsung
2.4
2021-03-04 CVE-2021-25343 Improper Authentication vulnerability in Samsung Members 2.4.81.13/2.4.85.11
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.
local
low complexity
samsung CWE-287
3.3
2021-03-04 CVE-2021-25342 Improper Authentication vulnerability in Samsung Members 2.4.81.13/2.4.85.11
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.
local
low complexity
samsung CWE-287
3.3
2021-03-04 CVE-2021-25341 Improper Authentication vulnerability in Samsung S Assistant
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider.
local
low complexity
samsung CWE-287
3.3
2021-03-04 CVE-2021-25340 Unspecified vulnerability in Google Android 10.0
Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State.
low complexity
google
2.4