Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-23 | CVE-2024-8263 | Unspecified vulnerability in Github Enterprise Server An improper privilege management vulnerability allowed arbitrary workflows to be committed using an improperly scoped PAT through the use of nested tags. | 2.7 |
2024-09-20 | CVE-2024-8612 | A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. | 3.8 |
2024-09-17 | CVE-2024-40791 | Information Exposure Through Log Files vulnerability in Apple Macos A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
2024-09-17 | CVE-2024-40830 | Unspecified vulnerability in Apple Iphone OS This issue was addressed with improved data protection. | 3.3 |
2024-09-17 | CVE-2024-40838 | Unspecified vulnerability in Apple Macos A privacy issue was addressed by moving sensitive data to a protected location. | 3.3 |
2024-09-17 | CVE-2024-44139 | Unspecified vulnerability in Apple Iphone OS The issue was addressed with improved checks. low complexity apple | 2.4 |
2024-09-17 | CVE-2024-44180 | Unspecified vulnerability in Apple Iphone OS The issue was addressed with improved checks. low complexity apple | 2.4 |
2024-09-12 | CVE-2024-36066 | Unspecified vulnerability in Keyfactor Ejbca 8.0.0 The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. | 3.1 |
2024-09-12 | CVE-2024-6446 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. | 3.5 |
2024-09-10 | CVE-2024-36511 | Unspecified vulnerability in Fortinet Fortiadc An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature | 3.7 |