Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-21 | CVE-2023-3803 | Unrestricted Upload of File with Dangerous Type vulnerability in Cdwanjiang Flash Flood Disaster Monitoring and Warning System 2.0 A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. | 3.7 |
| 2023-07-20 | CVE-2023-3072 | Missing Authorization vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. | 3.8 |
| 2023-07-20 | CVE-2023-3299 | Exposure of Resource to Wrong Sphere vulnerability in Hashicorp Nomad HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. | 2.7 |
| 2023-07-19 | CVE-2023-3674 | A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. | 2.8 |
| 2023-07-17 | CVE-2023-3584 | Incorrect Authorization vulnerability in Mattermost Server Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team override scheme ID in the request, allowing an authenticated attacker with knowledge of a Team Override Scheme ID to create a new team with said team override scheme. | 3.1 |
| 2023-07-17 | CVE-2023-3587 | Missing Authorization vulnerability in Mattermost Server Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions. | 2.7 |
| 2023-07-17 | CVE-2023-3613 | Incorrect Authorization vulnerability in Mattermost Server Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding users to channels allowing guest accounts to be added or invited to channels by default. | 3.5 |
| 2023-07-17 | CVE-2023-3614 | Resource Exhaustion vulnerability in Mattermost Server Mattermost fails to properly validate a gif image file, allowing an attacker to consume a significant amount of server resources, making the server unresponsive for an extended period of time by linking to specially crafted image file. | 3.3 |
| 2023-07-13 | CVE-2023-30565 | Cleartext Transmission of Sensitive Information vulnerability in BD Guardrails CQI Reporter 10.17 An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an attacker. | 3.5 |
| 2023-07-13 | CVE-2023-2620 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1. | 3.8 |