Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2019-06-04 CVE-2019-5296 Out-of-bounds Read vulnerability in Huawei Mate20 Firmware
Huawei Mate20 smartphones with versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability.
low complexity
huawei CWE-125
3.9
2019-05-28 CVE-2019-5435 Integer Overflow or Wraparound vulnerability in Haxx Curl
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 up to and including 7.64.1.
network
high complexity
haxx CWE-190
3.7
2019-05-22 CVE-2018-1991 Information Exposure vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 and 5.0.8.6 could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers.
network
low complexity
ibm CWE-200
2.7
2019-05-20 CVE-2018-2005 Information Exposure vulnerability in IBM Bigfix Platform
IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that could be read by a local attacker with elevated permissions.
local
low complexity
ibm CWE-200
3.3
2019-05-10 CVE-2019-11884
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character.
3.3
2019-05-07 CVE-2019-4207 Unspecified vulnerability in IBM Tririga Application Platform 3.5.3.0/3.6.0.0
IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system.
local
low complexity
ibm
3.3
2019-05-07 CVE-2019-11808 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ratpack Project Ratpack
Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom.
network
high complexity
ratpack-project CWE-338
3.7
2019-04-25 CVE-2019-4146 Unspecified vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to obtain sensitive document information under unusual circumstances.
network
high complexity
ibm
3.1
2019-04-24 CVE-2019-3868 Information Exposure vulnerability in Redhat Keycloak
Keycloak up to version 6.0.0 allows the end user token (access or id token JWT) to be used as the session cookie for browser sessions for OIDC.
network
low complexity
redhat CWE-200
3.8
2019-04-23 CVE-2019-2720 Unspecified vulnerability in Oracle Data Integrator 11.1.1.9.0/12.2.1.3.0
Vulnerability in the Oracle Data Integrator component of Oracle Fusion Middleware (subcomponent: ODI Tools).
network
high complexity
oracle
3.1