Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2020-03-12 CVE-2020-10457 Path Traversal vulnerability in Chadhaajay PHPkb 9.0
Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) and imgUrl (for the current file to be renamed).
network
low complexity
chadhaajay CWE-22
2.7
2.7
2020-03-10 CVE-2020-6197 Insufficient Session Expiration vulnerability in SAP Enable NOW 10/1902
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner.
local
low complexity
sap CWE-613
3.3
3.3
2020-03-10 CVE-2020-0047 Missing Authorization vulnerability in Google Android 10.0
In setMasterMute of AudioService.java, there is a missing permission check.
local
low complexity
google CWE-862
3.3
3.3
2020-03-10 CVE-2020-0029 Information Exposure vulnerability in Google Android 10.0
In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset.
local
low complexity
google CWE-200
2.3
2.3
2020-03-05 CVE-2019-20382 Memory Leak vulnerability in multiple products
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd. 		3.5
3.5
2020-03-03 CVE-2020-4197 Insecure Storage of Sensitive Information vulnerability in IBM Tivoli Netcool/Omnibus 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system.
low complexity
ibm CWE-922
2.4
2.4
2020-03-02 CVE-2020-8013 A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks.
local
high complexity
suse opensuse
2.5
2.5
2020-02-27 CVE-2020-3873 Unspecified vulnerability in Apple Iphone OS
This issue was addressed with improved setting propagation.
local
low complexity
apple
3.3
3.3
2020-02-27 CVE-2020-3859 Unspecified vulnerability in Apple Iphone OS
An inconsistent user interface issue was addressed with improved state management.
low complexity
apple
2.4
2.4
2020-02-27 CVE-2020-3844 Unspecified vulnerability in Apple Iphone OS
This issue was addressed with improved checks.
local
low complexity
apple
3.3
3.3