Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-07 | CVE-2017-1125 | Information Exposure vulnerability in IBM Cognos Business Intelligence Server IBM Cognos Analytics 10.1 and 10.2 could allow a local user to craft a URL which could confirm the existence of and expose postial contents of a file. | 3.3 |
| 2017-06-04 | CVE-2017-3741 | Unspecified vulnerability in Lenovo Power Management 1.67.12.19/1.67.12.23 In the Lenovo Power Management driver before 1.67.12.24, a local user may alter the trackpoint's firmware and stop the trackpoint from functioning correctly. | 3.3 |
| 2017-05-25 | CVE-2015-3189 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in multiple products With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. | 3.7 |
| 2017-05-22 | CVE-2017-2161 | Forced Browsing vulnerability in Toshiba Flashair FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows authenticated attackers to bypass access restrictions to obtain unauthorized image data via unspecified vectors. | 3.5 |
| 2017-05-21 | CVE-2017-9139 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tendacn F1200 Firmware, F1202 Firmware and Fh1202 Firmware There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). | 3.5 |
| 2017-05-15 | CVE-2016-5979 | Permissions, Privileges, and Access Controls vulnerability in IBM Distributed Marketing IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. | 2.7 |
| 2017-05-15 | CVE-2017-8933 | Improper Input Validation vulnerability in Libmenu-Cache Project Libmenu-Cache 1.0.2 Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (menu unavailability). | 3.3 |
| 2017-05-10 | CVE-2017-4896 | Unspecified vulnerability in VMWare Airwatch Agent and Airwatch Inbox Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. | 3.8 |
| 2017-05-08 | CVE-2017-0895 | Information Exposure vulnerability in Nextcloud Server Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. | 3.5 |
| 2017-05-08 | CVE-2017-0892 | Session Fixation vulnerability in Nextcloud Server Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an application specific password without permission to the files access to the users file. | 3.5 |