Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2019-12-18 CVE-2019-8566 Improper Input Validation vulnerability in Apple Iphone OS
An API issue existed in the handling of microphone data.
local
low complexity
apple CWE-20
3.3
2019-12-18 CVE-2019-8548 Incomplete Cleanup vulnerability in Apple Watchos
An issue existed where partially entered passcodes may not clear when the device went to sleep.
low complexity
apple CWE-459
2.4
2019-12-18 CVE-2019-8541 Unspecified vulnerability in Apple Iphone OS
A privacy issue existed in motion sensor calibration.
local
low complexity
apple
3.3
2019-12-18 CVE-2019-8502 Improper Input Validation vulnerability in Apple products
An API issue existed in the handling of dictation requests.
local
low complexity
apple CWE-20
3.3
2019-12-14 CVE-2019-5252 Improper Authentication vulnerability in Huawei products
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro).
low complexity
huawei CWE-287
3.5
2019-12-10 CVE-2019-1488 Unspecified vulnerability in Microsoft products
A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.
local
low complexity
microsoft
3.3
2019-12-10 CVE-2019-13762 Improper Locking vulnerability in multiple products
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
local
low complexity
google debian fedoraproject redhat CWE-667
3.3
2019-12-06 CVE-2012-2148 Improper Privilege Management vulnerability in Redhat products
An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies
local
low complexity
redhat CWE-269
3.3
2019-12-06 CVE-2019-19620 Improper Preservation of Permissions vulnerability in Dell RED Cloak Windows Agent
In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file.
local
low complexity
dell CWE-281
3.3
2019-12-05 CVE-2018-1002102 Open Redirect vulnerability in multiple products
Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts.
network
high complexity
kubernetes fedoraproject CWE-601
2.6