Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2023-10-27 CVE-2023-40127 Unspecified vulnerability in Google Android
In multiple locations, there is a possible way to access screenshots due to a confused deputy.
local
low complexity
google
3.3
3.3
2023-10-27 CVE-2023-40134 Unspecified vulnerability in Google Android 12.0/12.1/13.0
In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy.
local
low complexity
google
3.3
3.3
2023-10-27 CVE-2023-40135 Unspecified vulnerability in Google Android
In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy.
local
low complexity
google
3.3
3.3
2023-10-27 CVE-2023-40136 Unspecified vulnerability in Google Android
In setHeader of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy.
local
low complexity
google
3.3
3.3
2023-10-27 CVE-2023-40137 Unspecified vulnerability in Google Android
In multiple functions of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy.
local
low complexity
google
3.3
3.3
2023-10-27 CVE-2023-40138 Unspecified vulnerability in Google Android
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy.
local
low complexity
google
3.3
3.3
2023-10-25 CVE-2023-40405 Information Exposure Through Log Files vulnerability in Apple Macos 14.0
A privacy issue was addressed with improved private data redaction for log entries.
local
low complexity
apple CWE-532
3.3
3.3
2023-10-25 CVE-2023-42857 Information Exposure Through Log Files vulnerability in Apple Ipados and Macos
A privacy issue was addressed with improved private data redaction for log entries.
local
low complexity
apple CWE-532
3.3
3.3
2023-10-25 CVE-2023-41960 Unspecified vulnerability in Boschrexroth products
The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself.
local
low complexity
boschrexroth
3.3
3.3
2023-10-25 CVE-2023-5752 Command Injection vulnerability in Pypa PIP
When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config").
local
low complexity
pypa CWE-77
3.3
3.3