Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2024-02-09 CVE-2024-23319 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server 5.23.0
Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message.
network
low complexity
mattermost CWE-352
3.5
2024-02-07 CVE-2024-0628 Server-Side Request Forgery (SSRF) vulnerability in Wprssaggregator WP RSS Aggregator
The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.23.5 via the RSS feed source in admin settings.
network
low complexity
wprssaggregator CWE-918
3.8
2024-02-06 CVE-2024-1048 Incomplete Cleanup vulnerability in multiple products
A flaw was found in the grub2-set-bootflag utility of grub2.
local
low complexity
gnu redhat fedoraproject CWE-459
3.3
2024-02-06 CVE-2024-20810 Improper Restriction of Rendered UI Layers or Frames vulnerability in Samsung Android 12.0/13.0
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows attackers to get sensitive information.
local
low complexity
samsung CWE-1021
3.3
2024-02-06 CVE-2024-20811 Unspecified vulnerability in Samsung Android 11.0/12.0
Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.
local
low complexity
samsung
3.3
2024-02-02 CVE-2024-23824 Unspecified vulnerability in Mailcow Mailcow: Dockerized
mailcow is a dockerized email package, with multiple containers linked in one bridged network.
network
low complexity
mailcow
2.7
2024-01-30 CVE-2024-21671 Information Exposure Through Discrepancy vulnerability in Vantage6
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC).
network
high complexity
vantage6 CWE-203
3.7
2024-01-28 CVE-2024-23743 Unspecified vulnerability in Notion 3.1.0
Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments.
local
low complexity
notion
3.3
2024-01-26 CVE-2024-21336 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
local
high complexity
microsoft
2.5
2024-01-26 CVE-2024-21383 Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
local
low complexity
microsoft
3.3