Vulnerabilities > Low

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-01-11 | CVE-2020-24003 | Unspecified vulnerability in Microsoft Skype 8.59.0.77 | Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access. | local | low | microsoft | | 3.3 |
| 2021-01-05 | CVE-2020-23250 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Gigamon GigaVUE-OS | GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in an internal database. | local | low | gigamon | CWE-327 | 2.3 |
| 2021-01-04 | CVE-2020-4919 | Unspecified vulnerability in IBM Cloud Pak System | IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. | network | low | ibm | | 3.8 |
| 2020-12-31 | CVE-2020-11947 | Out-of-bounds Read vulnerability in QEMU 4.1.0 | iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. | local | low | qemu | CWE-125 | 3.8 |
| 2020-12-27 | CVE-2020-35448 | Out-of-bounds Read vulnerability in multiple products | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. | local | low | gnu, netapp | CWE-125 | 3.3 |
| 2020-12-24 | CVE-2020-2505 | Information Exposure Through an Error Message vulnerability in QNAP QES | If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. | local | low | qnap | CWE-209 | 2.3 |
| 2020-12-18 | CVE-2020-24693 | Unspecified vulnerability in Mitel MiContact Center Business | The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization. | local | low | mitel | | 3.3 |
| 2020-12-17 | CVE-2020-4846 | Information Exposure Through an Error Message vulnerability in IBM Security Key Lifecycle Manager | IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | network | low | ibm | CWE-209 | 2.7 |
| 2020-12-16 | CVE-2020-4906 | Insecure Storage of Sensitive Information vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4 | IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system. | local | low | ibm | CWE-922 | 3.3 |
| 2020-12-16 | CVE-2020-4008 | Unspecified vulnerability in VMware Carbon Black Cloud | The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way. | local | high | vmware | | 3.6 |