Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-01 | CVE-2019-17053 | Incorrect Default Permissions vulnerability in Linux Kernel ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. | 3.3 |
| 2019-10-01 | CVE-2019-17052 | Incorrect Default Permissions vulnerability in multiple products ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. | 3.3 |
| 2019-10-01 | CVE-2019-10433 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Dingding Jenkins Dingding[??] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 3.3 |
| 2019-09-30 | CVE-2019-3729 | Out-of-bounds Write vulnerability in Dell Bsafe Micro-Edition-Suite RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. | 2.4 |
| 2019-09-30 | CVE-2019-4112 | Improper Privilege Management vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2019-09-27 | CVE-2019-9440 | Unspecified vulnerability in Google Android 10.0 In AOSP Email, there is a possible information disclosure due to a confused deputy. | 3.3 |
| 2019-09-27 | CVE-2019-9438 | Unspecified vulnerability in Google Android 10.0 In the Package Manager service, there is a possible information disclosure due to a confused deputy. | 3.3 |
| 2019-09-27 | CVE-2019-9377 | Missing Authorization vulnerability in Google Android 10.0 In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. | 3.3 |
| 2019-09-27 | CVE-2019-9364 | Incorrect Authorization vulnerability in Google Android 10.0 In AudioService, there is a possible trigger of background user audio due to a permissions bypass. | 3.3 |
| 2019-09-27 | CVE-2019-9351 | Missing Authorization vulnerability in Google Android 10.0 In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. | 3.3 |