Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-45585 | Unspecified vulnerability in Fortinet Fortisiem An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, version 5.3.3 and below may allow an authenticated user to view an encrypted ElasticSearch password via debug log files generated when FortiSIEM is configured with ElasticSearch Event Storage. | 3.3 |
| 2023-11-14 | CVE-2023-6109 | Race Condition vulnerability in Yop-Poll YOP Poll The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. | 3.7 |
| 2023-11-10 | CVE-2023-47614 | Unspecified vulnerability in Telit products A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system. | 3.3 |
| 2023-11-10 | CVE-2023-45816 | Unspecified vulnerability in Discourse Discourse is an open source platform for community discussion. | 3.3 |
| 2023-11-09 | CVE-2023-5543 | When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. | 3.3 |
| 2023-11-09 | CVE-2023-5551 | Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups. | 3.3 |
| 2023-11-08 | CVE-2023-47111 | Unspecified vulnerability in Zitadel ZITADEL provides identity infrastructure. | 3.7 |
| 2023-11-08 | CVE-2023-26221 | Insufficiently Protected Credentials vulnerability in Tibco products The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with read/write access to craft malicious Analyst files. | 3.9 |
| 2023-11-07 | CVE-2023-42542 | Unspecified vulnerability in Samsung Push Service Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device. | 3.3 |
| 2023-11-07 | CVE-2023-42552 | Unspecified vulnerability in Samsung Firewall 12.1.00.24/13.1.00.16 Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall. | 3.3 |