Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-04 | CVE-2016-1000346 | Key Management Errors vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. | 3.7 |
| 2018-05-31 | CVE-2016-10538 | Race Condition vulnerability in multiple products The package `node-cli` before 1.0.0 insecurely uses the lock_file and log_file. | 3.5 |
| 2018-05-30 | CVE-2018-11567 | Session Fixation vulnerability in Amazon products Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. | 3.3 |
| 2018-05-29 | CVE-2018-1369 | Information Exposure vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores sensitive information in URL parameters. | 3.7 |
| 2018-05-25 | CVE-2018-8864 | Missing Encryption of Sensitive Data vulnerability in Atisystem products In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms. | 3.1 |
| 2018-05-25 | CVE-2018-8862 | Improper Authentication vulnerability in Atisystem products In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, an improper authentication vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms. | 3.1 |
| 2018-05-25 | CVE-2018-6674 | Missing Encryption of Sensitive Data vulnerability in Mcafee Virusscan Enterprise 8.8.0 Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges). | 3.9 |
| 2018-05-18 | CVE-2017-9635 | Inadequate Encryption Strength vulnerability in Schneider-Electric Ampla Manufacturing Execution System 6.4 Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. | 3.9 |
| 2018-05-15 | CVE-2017-2603 | Information Exposure vulnerability in Jenkins Jenkins before versions 2.44, 2.32.2 is vulnerable to a user data leak in disconnected agents' config.xml API. | 3.5 |
| 2018-05-10 | CVE-2018-6254 | Out-of-bounds Read vulnerability in Google Android In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. | 3.3 |