Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-14 | CVE-2019-15332 | Improper Privilege Management vulnerability in Lavamobiles Z61 Firmware The Lava Z61 Android device with a build fingerprint of LAVA/Z61_2GB/Z61_2GB:8.1.0/O11019/1533889281:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.27) that allows any app co-located on the device to programmatically disable and enable Wi-Fi without the corresponding access permission through an exported interface. | 3.3 |
| 2019-11-14 | CVE-2012-1160 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php | 2.7 |
| 2019-11-13 | CVE-2019-5292 | Unspecified vulnerability in Huawei products Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. | 3.3 |
| 2019-11-12 | CVE-2019-5213 | Improper Authentication vulnerability in Huawei Honor Play Firmware 9.1.0.333(C00E333R1P1T8)/Cornellal00A9.0.0.156(C00E156R1P13T8) Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. | 2.4 |
| 2019-11-12 | CVE-2019-1418 | Information Exposure vulnerability in Microsoft products An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'. | 3.3 |
| 2019-11-09 | CVE-2009-3614 | Improper Input Validation vulnerability in multiple products liboping 1.3.2 allows users reading arbitrary files upon the local system. | 3.3 |
| 2019-11-09 | CVE-2009-3552 | Improper Certificate Validation vulnerability in Redhat Enterprise Virtualization Manager 2.2 In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client-side Red Hat Enterprise Virtualization Manager interface (a Windows Presentation Foundation (WPF) XAML browser application) to connect to the Red Hat Enterprise Virtualization Manager. | 3.1 |
| 2019-11-06 | CVE-2019-5642 | Incorrect Permission Assignment for Critical Resource vulnerability in Rapid7 Metasploit 4.15.0/4.15.1/4.16.0 Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from an instance of CWE-732, wherein the unique server.key is written to the file system during installation with world-readable permissions. | 3.3 |
| 2019-11-06 | CVE-2019-6122 | Information Exposure Through an Error Message vulnerability in Nicehash Miner A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address. | 3.1 |
| 2019-11-06 | CVE-2019-6121 | Missing Authorization vulnerability in Nicehash Miner An issue was discovered in NiceHash Miner before 2.0.3.0. | 3.7 |