Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-24 | CVE-2021-27645 | Double Free vulnerability in multiple products The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. | 2.5 |
2021-02-23 | CVE-2020-27768 | In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. | 3.3 |
2021-02-16 | CVE-2021-23839 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products OpenSSL 1.0.2 supports SSLv2. | 3.7 |
2021-02-16 | CVE-2020-29023 | Improper Encoding or Escaping of Output vulnerability in Secomea products Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). | 3.5 |
2021-02-11 | CVE-2019-19004 | Integer Overflow or Wraparound vulnerability in multiple products A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. | 3.3 |
2021-02-11 | CVE-2020-1717 | Information Exposure Through an Error Message vulnerability in Redhat products A flaw was found in Keycloak 7.0.1. | 2.7 |
2021-02-11 | CVE-2020-10734 | Unspecified vulnerability in Redhat products A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. | 3.3 |
2021-02-11 | CVE-2021-20402 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7 IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
2021-02-10 | CVE-2021-21296 | Unspecified vulnerability in Fleetdm Fleet Fleet is an open source osquery manager. | 2.7 |
2021-02-10 | CVE-2021-22133 | Information Exposure Through Log Files vulnerability in Elastic APM Agent The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic. | 2.4 |