Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2019-11-05 CVE-2016-4983 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
local
low complexity
dovecot opensuse redhat CWE-732
3.3
3.3
2019-11-05 CVE-2016-1000002 Information Exposure vulnerability in multiple products
gdm3 3.14.2 and possibly later has an information leak before screen lock 		2.4
2.4
2019-10-31 CVE-2013-1945 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ruby-Lang Ruby193
ruby193 uses an insecure LD_LIBRARY_PATH setting.
local
low complexity
ruby-lang CWE-829
3.3
3.3
2019-10-29 CVE-2019-10209 Out-of-bounds Read vulnerability in Postgresql
Postgresql, versions 11.x before 11.5, is vulnerable to a memory disclosure in cross-type comparison for hashed subplan.
network
high complexity
postgresql CWE-125
2.2
2.2
2019-10-25 CVE-2019-4395 Unspecified vulnerability in IBM Cloud Orchestrator
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a local user to obtain sensitive information from temporary script files.
local
low complexity
ibm
3.3
3.3
2019-10-25 CVE-2019-4394 Unspecified vulnerability in IBM Cloud Orchestrator
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email.
local
low complexity
ibm
2.3
2.3
2019-10-24 CVE-2019-4398 Files or Directories Accessible to External Parties vulnerability in IBM Cloud Orchestrator and Cloud Orchestrator Enterprise
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies.
local
low complexity
ibm CWE-552
3.3
3.3
2019-10-22 CVE-2017-8087 Information Exposure vulnerability in AVM Fritz!Os 6.80/6.83
Information Leakage in PPPoE Packet Padding in AVM Fritz!Box 7490 with Firmware versions Fritz!OS 6.80 and 6.83 allows physically proximate attackers to view slices of previously transmitted packets or portions of memory via via unspecified vectors.
low complexity
avm CWE-200
2.4
2.4
2019-10-16 CVE-2019-3008 Unspecified vulnerability in Oracle Solaris 11
Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDAP Library).
local
high complexity
oracle
1.8
1.8
2019-10-16 CVE-2019-2992 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D).
network
high complexity
oracle redhat netapp debian canonical opensuse
3.7
3.7