Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2020-1738 | Argument Injection or Modification vulnerability in Redhat products A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. | 3.9 |
| 2020-03-16 | CVE-2020-1736 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. | 3.3 |
| 2020-03-12 | CVE-2020-1739 | A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. | 3.9 |
| 2020-03-12 | CVE-2020-0506 | Improper Initialization vulnerability in Intel Graphics Driver Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access. | 2.3 |
| 2020-03-12 | CVE-2020-0884 | Cleartext Transmission of Sensitive Information vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019 A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'. | 3.7 |
| 2020-03-12 | CVE-2020-10459 | Path Traversal vulnerability in Chadhaajay PHPkb 9.0 Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to list the files that are stored on the webserver using a dot-dot-slash sequence (../) via the POST parameter inpCurrFolder. | 2.7 |
| 2020-03-12 | CVE-2020-10457 | Path Traversal vulnerability in Chadhaajay PHPkb 9.0 Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) and imgUrl (for the current file to be renamed). | 2.7 |
| 2020-03-10 | CVE-2020-6197 | Insufficient Session Expiration vulnerability in SAP Enable NOW 10/1902 SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. | 3.3 |
| 2020-03-10 | CVE-2020-0047 | Missing Authorization vulnerability in Google Android 10.0 In setMasterMute of AudioService.java, there is a missing permission check. | 3.3 |
| 2020-03-10 | CVE-2020-0029 | Information Exposure vulnerability in Google Android 10.0 In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset. | 2.3 |