Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2017-09-25 CVE-2017-1346 Race Condition vulnerability in IBM Business Process Manager
IBM Business Process Manager 7.5, 8.0, and 8.5 temporarily stores files in a temporary folder during offline installs which could be read by a local user within a short timespan.
local
high complexity
ibm CWE-362
2.5
2017-09-20 CVE-2017-14595 Unspecified vulnerability in Joomla Joomla!
In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.
network
high complexity
joomla
3.7
2017-09-20 CVE-2015-8224 Information Exposure vulnerability in Huawei P8 Firmware
Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before GRA-TL00C01B210, and before GRA-UL00C00B210 allows remote attackers to obtain user equipment (aka UE) measurements of signal strengths.
network
high complexity
huawei CWE-200
3.7
2017-09-15 CVE-2017-10856 Unspecified vulnerability in Seil products
SEIL/X 4.60 to 5.72, SEIL/B1 4.60 to 5.72, SEIL/x86 3.20 to 5.72, SEIL/BPV4 5.00 to 5.72 allows remote attackers to cause a temporary failure of the device's encrypted communications via a specially crafted packet.
network
high complexity
seil
3.7
2017-09-13 CVE-2017-8676 Information Exposure vulnerability in Microsoft products
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an authenticated attacker to retrieve information from a targeted system via a specially crafted application, aka "Windows GDI+ Information Disclosure Vulnerability."
local
low complexity
microsoft CWE-200
3.3
2017-09-12 CVE-2017-1520 Improper Authentication vulnerability in IBM DB2 and DB2 Connect
IBM DB2 9.7, 10.1, 10.5, and 11.1 is vulnerable to an unauthorized command that allows the database to be activated when authentication type is CLIENT.
network
high complexity
ibm CWE-287
3.7
2017-08-29 CVE-2016-2978 Information Exposure vulnerability in IBM Sametime
IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user.
local
low complexity
ibm CWE-200
3.3
2017-08-29 CVE-2016-2974 Information Exposure vulnerability in IBM Sametime
IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user.
local
low complexity
ibm CWE-200
3.3
2017-08-22 CVE-2017-1422 Information Exposure vulnerability in IBM Maas360 DTM 3.81
IBM MaaS360 DTM all versions up to 3.81 does not perform proper verification for user rights of certain applications which could disclose sensitive information.
local
low complexity
ibm CWE-200
3.3
2017-08-20 CVE-2017-12973 Improper Validation of Integrity Check Value vulnerability in Connect2Id Nimbus Jose+Jwt
Nimbus JOSE+JWT before 4.39 proceeds improperly after detection of an invalid HMAC in authenticated AES-CBC decryption, which allows attackers to conduct a padding oracle attack.
network
high complexity
connect2id CWE-354
3.1