Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2020-03-12 CVE-2020-1739 A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node.
local
low complexity
redhat fedoraproject debian
3.9
2020-03-12 CVE-2020-0506 Improper Initialization vulnerability in Intel Graphics Driver
Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access.
local
low complexity
intel CWE-665
2.3
2020-03-12 CVE-2020-0884 Cleartext Transmission of Sensitive Information vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019
A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'.
network
high complexity
microsoft CWE-319
3.7
2020-03-12 CVE-2020-10459 Path Traversal vulnerability in Chadhaajay PHPkb 9.0
Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to list the files that are stored on the webserver using a dot-dot-slash sequence (../) via the POST parameter inpCurrFolder.
network
low complexity
chadhaajay CWE-22
2.7
2020-03-12 CVE-2020-10457 Path Traversal vulnerability in Chadhaajay PHPkb 9.0
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) and imgUrl (for the current file to be renamed).
network
low complexity
chadhaajay CWE-22
2.7
2020-03-10 CVE-2020-6197 Insufficient Session Expiration vulnerability in SAP Enable NOW 10/1902
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner.
local
low complexity
sap CWE-613
3.3
2020-03-10 CVE-2020-0047 Missing Authorization vulnerability in Google Android 10.0
In setMasterMute of AudioService.java, there is a missing permission check.
local
low complexity
google CWE-862
3.3
2020-03-10 CVE-2020-0029 Information Exposure vulnerability in Google Android 10.0
In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset.
local
low complexity
google CWE-200
2.3
2020-03-05 CVE-2019-20382 Memory Leak vulnerability in multiple products
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.
3.5
2020-03-03 CVE-2020-4197 Insecure Storage of Sensitive Information vulnerability in IBM Tivoli Netcool/Omnibus 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system.
low complexity
ibm CWE-922
2.4