Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-13 | CVE-2016-6542 | Improper Input Validation vulnerability in Ieasytec Itrackeasy The iTrack device tracking ID number, also called "LosserID" in the web API, can be obtained by being in the range of an iTrack device. | 3.7 |
| 2018-07-06 | CVE-2016-6539 | Information Exposure vulnerability in Thetrackr Trackr Firmware The Trackr device ID is constructed of a manufacturer identifier of four zeroes followed by the BLE MAC address in reverse. | 3.5 |
| 2018-07-02 | CVE-2017-17317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. | 3.7 |
| 2018-07-02 | CVE-2018-13053 | Integer Overflow or Wraparound vulnerability in multiple products The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | 3.3 |
| 2018-06-20 | CVE-2018-12446 | Improper Authentication vulnerability in Dropbox 98.2.2 An issue was discovered in the com.dropbox.android application 98.2.2 for Android. | 3.6 |
| 2018-06-20 | CVE-2018-12445 | Improper Authentication vulnerability in Dropbox 98.2.2 An issue was discovered in the com.dropbox.android application 98.2.2 for Android. | 3.1 |
| 2018-06-13 | CVE-2018-3759 | Race Condition vulnerability in Private Address Check Project Private Address Check private_address_check ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. | 3.7 |
| 2018-06-11 | CVE-2017-5387 | File and Directory Information Exposure vulnerability in Mozilla Firefox The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on a "<track>" tag refers to a file that does not exist if the source page is loaded locally. | 3.3 |
| 2018-06-11 | CVE-2016-9062 | Information Exposure vulnerability in Mozilla Firefox Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. | 3.3 |
| 2018-06-08 | CVE-2018-4238 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 2.4 |