Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2020-04-27 CVE-2020-9488 Improper Certificate Validation vulnerability in multiple products
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender.
network
high complexity
apache oracle debian qos CWE-295
3.7
2020-04-27 CVE-2020-1807 Unspecified vulnerability in Huawei Mate 20 Firmware
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability.
low complexity
huawei
3.5
2020-04-27 CVE-2020-11810 Race Condition vulnerability in multiple products
An issue was discovered in OpenVPN 2.4.x before 2.4.9.
network
high complexity
openvpn debian fedoraproject CWE-362
3.7
2020-04-24 CVE-2020-6824 Session Fixation vulnerability in Mozilla Firefox
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open.
local
low complexity
mozilla CWE-384
2.8
2020-04-22 CVE-2020-10905 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511.
local
low complexity
foxitsoftware CWE-125
3.3
2020-04-22 CVE-2020-10903 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511.
local
low complexity
foxitsoftware CWE-125
3.3
2020-04-22 CVE-2020-10901 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511.
local
low complexity
foxitsoftware CWE-125
3.3
2020-04-22 CVE-2020-10894 Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511.
local
low complexity
foxitsoftware CWE-125
3.3
2020-04-22 CVE-2020-11692 Incorrect Default Permissions vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
network
low complexity
jetbrains CWE-276
2.7
2020-04-22 CVE-2020-11686 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.
network
low complexity
jetbrains
2.7