Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-18 | CVE-2019-13033 | Information Exposure vulnerability in multiple products In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. | 3.3 |
| 2020-06-17 | CVE-2020-6752 | Incorrect Authorization vulnerability in Openmicroscopy Omero In OMERO before 5.6.1, group owners can access members' data in other groups. | 3.8 |
| 2020-06-15 | CVE-2017-18869 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Chownr Project Chownr A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks. | 2.5 |
| 2020-06-12 | CVE-2020-4050 | In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. | 3.1 |
| 2020-06-12 | CVE-2020-4049 | In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. | 2.4 |
| 2020-06-12 | CVE-2020-3930 | Information Exposure Through Log Files vulnerability in Geovision Gv-Gf192X Firmware 1.10 GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read these logs. | 3.3 |
| 2020-06-09 | CVE-2020-9848 | Unspecified vulnerability in Apple Iphone OS An authorization issue was addressed with improved state management. low complexity apple | 2.4 |
| 2020-06-04 | CVE-2020-13838 | Missing Authentication for Critical Function vulnerability in Google Android 10.0/9.0 An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. | 3.5 |
| 2020-06-04 | CVE-2020-13837 | Missing Authentication for Critical Function vulnerability in Google Android 10.0 An issue was discovered on Samsung mobile devices with Q(10.0) software. | 3.5 |
| 2020-06-03 | CVE-2020-5297 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Octobercms October In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to upload jpg, jpeg, bmp, png, webp, gif, ico, css, js, woff, woff2, svg, ttf, eot, json, md, less, sass, scss, xml files to any directory of an October CMS server. | 2.7 |