Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-27 | CVE-2019-9292 | Unspecified vulnerability in Google Android 10.0 In the Activity Manager service, there is a possible information disclosure due to a confused deputy. | 3.3 |
| 2019-09-27 | CVE-2019-9280 | Unspecified vulnerability in Google Android 10.0 In keyguard, there is a possible escalation of privilege due to improper permission checks. | 3.3 |
| 2019-09-27 | CVE-2019-9277 | Information Exposure Through Log Files vulnerability in Google Android 10.0 In the proc filesystem, there is a possible information disclosure due to log information disclosure. | 3.3 |
| 2019-09-27 | CVE-2018-9581 | Information Exposure vulnerability in Google Android 10.0 In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSI_CHANGE and android.net.wifi.STATE_CHANGE intents. | 3.3 |
| 2019-09-27 | CVE-2019-11743 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. | 3.7 |
| 2019-09-26 | CVE-2019-12617 | Unspecified vulnerability in Silverstripe In SilverStripe through 4.3.3, there is access escalation for CMS users with limited access through permission cache pollution. | 2.7 |
| 2019-09-24 | CVE-2019-12068 | Infinite Loop vulnerability in multiple products In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. | 3.8 |
| 2019-09-17 | CVE-2019-4271 | Improper Input Validation vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability. | 3.5 |
| 2019-09-17 | CVE-2019-4171 | Missing Encryption of Sensitive Data vulnerability in IBM Cognos Controller IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. | 3.7 |
| 2019-09-13 | CVE-2019-13922 | Missing Encryption of Sensitive Data vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). | 2.7 |