Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-05 | CVE-2024-21848 | Improper Check for Dropped Privileges vulnerability in Mattermost Server Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel | 3.1 |
2024-04-05 | CVE-2024-29221 | Unspecified vulnerability in Mattermost Server Improper Access Control in Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 lacked proper access control in the `/api/v4/users/me/teams` endpoint allowing a team admin to get the invite ID of their team, thus allowing them to invite users, even if the "Add Members" permission was explicitly removed from team admins. | 3.8 |
2024-04-04 | CVE-2024-30261 | Undici is an HTTP/1.1 client, written from scratch for Node.js. | 3.5 |
2024-03-22 | CVE-2022-32756 | Unspecified vulnerability in IBM Security Verify Directory 10.0.0 IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
2024-03-22 | CVE-2024-1742 | Unspecified vulnerability in Checkmk Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows the extraction of this information from the process list. | 3.3 |
2024-03-15 | CVE-2023-46181 | Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2024-03-14 | CVE-2024-26246 | Unspecified vulnerability in Microsoft Edge 112.0.1722.34/118.0.2088.88/122.0.2365.63 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability low complexity microsoft | 3.9 |
2024-03-11 | CVE-2024-0052 | Missing Authorization vulnerability in Google Android 14.0 In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. | 3.3 |
2024-03-11 | CVE-2024-0053 | Unspecified vulnerability in Google Android In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. | 3.3 |
2024-03-08 | CVE-2024-23227 | Unspecified vulnerability in Apple Macos This issue was addressed with improved redaction of sensitive information. | 3.3 |