Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-13 | CVE-2018-8366 | Information Exposure vulnerability in Microsoft Edge An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. | 3.1 |
| 2018-09-07 | CVE-2018-0660 | Path Traversal vulnerability in Hibara Attachecase Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create arbitrary files via specially crafted ATC file. | 3.3 |
| 2018-09-05 | CVE-2018-16252 | XXE vulnerability in Fspro Event LOG Explorer 4.6.1.2115 FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection. | 3.3 |
| 2018-09-04 | CVE-2018-7938 | Information Exposure vulnerability in Huawei P10 Firmware P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. | 3.3 |
| 2018-08-31 | CVE-2018-6259 | Information Exposure vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible. | 2.5 |
| 2018-08-30 | CVE-2018-16237 | Path Traversal vulnerability in Damicms 6.0.1 An issue was discovered in damiCMS V6.0.1. | 2.7 |
| 2018-08-30 | CVE-2016-0234 | Insufficient Session Expiration vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. | 3.3 |
| 2018-08-30 | CVE-2016-0205 | Information Exposure vulnerability in IBM Cloud Orchestrator A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. | 3.3 |
| 2018-08-28 | CVE-2014-6049 | Improper Authorization vulnerability in PHPmyfaq phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter. | 2.7 |
| 2018-08-22 | CVE-2018-14799 | Use of Externally-Controlled Format String vulnerability in Philips products In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, the PageWriter device does not sanitize data entered by user. | 3.7 |