Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-29 | CVE-2023-47634 | Race Condition vulnerability in Decidim. Decidim is a participatory democracy framework. | 3.1 |
2024-02-27 | CVE-2021-46971 | Unspecified vulnerability in Linux Kernel. In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional security_locked_down() call. Currently, the lockdown state is queried unconditionally, even though its result is used only if the PERF_SAMPLE_REGS_INTR bit is set in attr.sample_type. | 3.3 |
2024-02-27 | CVE-2021-46934 | Improper Check for Unusual or Exceptional Conditions vulnerability in Linux Kernel. In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl. Wrong user data may cause a warning in i2c_transfer(), e.g. zero msgs. Userspace should not be able to trigger warnings, so this patch adds validation checks for user data in the compat ioctl to prevent the reported warnings. | 3.3 |
2024-02-26 | CVE-2023-5775 | Unspecified vulnerability in Inpsyde Backwpup. The BackWPup plugin for WordPress is vulnerable to Plaintext Storage of Backup Destination Password in all versions up to, and including, 4.0.2. | 2.7 |
2024-02-21 | CVE-2023-50955 | Path Traversal vulnerability in IBM Infosphere Information Server 11.7. IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. | 2.7 |
2024-02-21 | CVE-2023-42939 | Unspecified vulnerability in Apple Iphone OS. A logic issue was addressed with improved checks. | 3.3 |
2024-02-20 | CVE-2023-50306 | Information Exposure Through Discrepancy vulnerability in IBM Common Licensing 9.0. IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. | 3.3 |
2024-02-19 | CVE-2024-1633 | Integer Overflow or Wraparound vulnerability in Renesas Arm-Trusted-Firmware Rcargen32.5. During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because the values read from the image are handled as 32-bit unsigned integers, this can result in an integer overflow. An attacker can bypass the memory range restriction and write data out of buffer bounds, which could result in a bypass of secure boot. Affected git version from c2f286820471ed276c57e603762bd831873e5a17 until (not | 2.0 |
2024-02-17 | CVE-2024-20905 | Unspecified vulnerability in Oracle JD Edwards Enterpriseone Tools. Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure SEC). | 2.7 |
2024-02-16 | CVE-2024-1591 | Unspecified vulnerability in Beyondtrust Privilege Management for Windows. Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. | 3.3 |