Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2024-07-02 CVE-2024-31071 Type Confusion vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
local
low complexity
openatom CWE-843
3.3
2024-07-02 CVE-2024-36278 Type Confusion vulnerability in Openatom Openharmony
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause apps crash through type confusion.
local
low complexity
openatom CWE-843
3.3
2024-07-01 CVE-2024-36995 Missing Authorization vulnerability in Splunk and Splunk Cloud Platform
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could create experimental items.
network
low complexity
splunk CWE-862
3.5
2024-06-30 CVE-2023-35022 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access.
local
low complexity
ibm
3.3
2024-06-28 CVE-2022-38383 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Software Suite 1.10.12.0 through 1.10.21.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
3.3
2024-06-26 CVE-2024-28830 Information Exposure Through Log Files vulnerability in Checkmk
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <=2.0.0p39 (EOL) causes automation user secrets to be written to audit log files accessible to administrators.
network
low complexity
checkmk CWE-532
2.7
2024-06-26 CVE-2024-37141 Unspecified vulnerability in Dell Data Domain Operating System
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability.
network
low complexity
dell
3.5
2024-06-26 CVE-2024-29177 Unspecified vulnerability in Dell Data Domain Operating System
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability.
network
low complexity
dell
2.7
2024-06-25 CVE-2024-6299 Unspecified vulnerability in Conduit
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date
network
high complexity
conduit
3.7
2024-06-24 CVE-2024-3121 OS Command Injection vulnerability in Lollms 5.9.0
A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0.
local
low complexity
lollms CWE-78
3.3