Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-2517 Unspecified vulnerability in Oracle Database Server
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server.
network
high complexity
oracle
3.3
2020-01-15 CVE-2020-2516 Unspecified vulnerability in Oracle Database Server
Vulnerability in the Core RDBMS component of Oracle Database Server.
network
low complexity
oracle
2.4
2020-01-14 CVE-2019-3981 Unspecified vulnerability in Mikrotik Routeros and Winbox
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks.
network
high complexity
mikrotik
3.7
2020-01-14 CVE-2020-6306 Missing Authorization vulnerability in SAP Leasing
Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17).
network
low complexity
sap CWE-862
2.7
2020-01-09 CVE-2010-3282 Cleartext Storage of Sensitive Information vulnerability in multiple products
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log.
local
low complexity
hp redhat fedoraproject CWE-312
3.3
2020-01-09 CVE-2019-6331 Information Exposure vulnerability in HP Samsung Mobile Print
An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007.
local
low complexity
hp CWE-200
3.3
2020-01-08 CVE-2016-6586 Improper Input Validation vulnerability in Symantec Norton Mobile Security
A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, which could let a malicious user conduct a man-in-the-middle via specially crafted JavaScript to add arbitrary URLs to the URL whitelist.
network
high complexity
symantec CWE-20
3.7
2020-01-07 CVE-2019-14834 A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
network
high complexity
thekelleys fedoraproject
3.7
2019-12-29 CVE-2019-20057 Insufficient Verification of Data Authenticity vulnerability in Proxyman
com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier allows an attacker to change the System Proxy and redirect all traffic to an attacker-controlled computer, enabling MITM attacks.
network
high complexity
proxyman CWE-345
3.7
2019-12-23 CVE-2019-6679 Link Following vulnerability in F5 products
On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1, 13.1.1.5-13.1.3.1, 12.1.4.1-12.1.5, 11.6.4-11.6.5, and 11.5.9-11.5.10, the access controls implemented by scp.whitelist and scp.blacklist are not properly enforced for paths that are symlinks.
local
low complexity
f5 CWE-59
3.3