Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2017-11-15 CVE-2017-11768 Information Exposure vulnerability in Microsoft Windows Media Player
Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows remote attackers to test for the presence of files on disk via a specially crafted application.
local
high complexity
microsoft CWE-200
2.5
2.5
2017-11-13 CVE-2017-13852 Information Exposure vulnerability in Apple products
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-200
3.3
3.3
2017-11-13 CVE-2017-13844 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-200
2.4
2.4
2017-11-13 CVE-2017-13805 Information Exposure vulnerability in Apple Iphone OS
An issue was discovered in certain Apple products.
low complexity
apple CWE-200
2.4
2.4
2017-11-13 CVE-2017-13801 Information Exposure vulnerability in Apple mac OS X
An issue was discovered in certain Apple products.
local
low complexity
apple CWE-200
3.3
3.3
2017-11-01 CVE-2017-1000242 Information Exposure vulnerability in Jenkins GIT Client
Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure
local
low complexity
jenkins CWE-200
3.3
3.3
2017-10-27 CVE-2017-5084 Improper Privilege Management vulnerability in Google Chrome OS
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
local
low complexity
google CWE-269
3.3
3.3
2017-10-27 CVE-2017-5081 Improper Input Validation vulnerability in multiple products
Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.
local
low complexity
google debian redhat CWE-20
3.3
3.3
2017-10-26 CVE-2017-1228 Information Exposure vulnerability in IBM Bigfix Platform 9.2/9.5
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute.
network
high complexity
ibm CWE-200
3.7
3.7
2017-10-26 CVE-2017-15096 NULL Pointer Dereference vulnerability in Gluster Glusterfs
A flaw was found in GlusterFS in versions prior to 3.10.
local
low complexity
gluster CWE-476
3.3
3.3