Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-28 | CVE-2023-20932 | Improper Input Validation vulnerability in Google Android In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. | 3.3 |
| 2023-02-27 | CVE-2022-42838 | Operation on a Resource after Expiration or Release vulnerability in Apple Macos An issue with app access to camera data was addressed with improved logic. | 3.3 |
| 2023-02-27 | CVE-2023-23493 | Improper Authentication vulnerability in Apple Macos A logic issue was addressed with improved state management. | 3.3 |
| 2023-02-27 | CVE-2023-23498 | Unspecified vulnerability in Apple Ipados, Iphone OS and Macos A logic issue was addressed with improved state management. | 3.3 |
| 2023-02-27 | CVE-2023-23505 | Information Exposure Through Log Files vulnerability in Apple products A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
| 2023-02-27 | CVE-2023-27265 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Server Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response. | 2.7 |
| 2023-02-27 | CVE-2023-27266 | Information Exposure vulnerability in Mattermost Server Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response. | 2.7 |
| 2023-02-27 | CVE-2023-22636 | Unspecified vulnerability in Fortinet Fortiweb An unauthorized configuration download vulnerability in FortiWeb 6.3.6 through 6.3.21, 6.4.0 through 6.4.2 and 7.0.0 through 7.0.4 may allow a local attacker to access confidential configuration files via a crafted http request. | 3.3 |
| 2023-02-24 | CVE-2023-0481 | Exposure of Resource to Wrong Sphere vulnerability in Quarkus In RestEasy Reactive implementation of Quarkus the insecure File.createTempFile() is used in the FileBodyHandler class which creates temp files with insecure permissions that could be read by a local user. | 3.3 |
| 2023-02-19 | CVE-2023-0919 | Missing Authentication for Critical Function vulnerability in Kavitareader Kavita Missing Authentication for Critical Function in GitHub repository kareadita/kavita prior to 0.7.0. | 3.5 |