Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-04 | CVE-2023-4216 | Unspecified vulnerability in Villatheme Orders Tracking for Woocommerce. The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. | 2.7 |
2023-09-01 | CVE-2023-3950 | Cleartext Storage of Sensitive Information vulnerability in Gitlab. An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. | 3.8 |
2023-08-31 | CVE-2023-41044 | Unspecified vulnerability in Graylog 5.1.0/5.1.1/5.1.2. Graylog is a free and open log management platform. | 3.8 |
2023-08-31 | CVE-2023-33833 | Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Information Queue 10.0.4/10.0.5. IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. | 3.3 |
2023-08-31 | CVE-2023-4654 | Unspecified vulnerability in Instantcms. Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1. | 3.5 |
2023-08-30 | CVE-2023-41041 | Unspecified vulnerability in Graylog. Graylog is a free and open log management platform. | 3.1 |
2023-08-30 | CVE-2023-4624 | Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack. Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08. | 2.4 |
2023-08-29 | CVE-2023-0654 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cloudflare Warp. Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. | 3.7 |
2023-08-22 | CVE-2020-19909 | Integer Overflow or Wraparound vulnerability in Haxx Curl 7.65.2. Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. | 3.3 |
2023-08-21 | CVE-2023-39061 | Cross-Site Request Forgery (CSRF) vulnerability in Chamilo. Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code. | 3.5 |