Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-13 | CVE-2023-3363 | Information Exposure Through Log Files vulnerability in Gitlab An information disclosure issue in Gitlab CE/EE affecting all versions from 13.6 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all versions from 16.1 prior to 16.1.1, resulted in the Sidekiq log including webhook tokens when the log format was set to `default`. | 3.8 |
| 2023-07-13 | CVE-2023-21246 | Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. | 3.3 |
| 2023-07-13 | CVE-2023-21262 | Race Condition vulnerability in Google Android 12.0/12.1/13.0 In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. | 3.1 |
| 2023-07-12 | CVE-2023-37948 | Improper Input Validation vulnerability in Jenkins Cloud Infrastructure Compute Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks. | 3.7 |
| 2023-07-12 | CVE-2023-38069 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases | 3.3 |
| 2023-07-12 | CVE-2023-33879 | Missing Authorization vulnerability in Google Android In music service, there is a missing permission check. | 3.3 |
| 2023-07-12 | CVE-2023-33880 | Missing Authorization vulnerability in Google Android In music service, there is a missing permission check. | 3.3 |
| 2023-07-11 | CVE-2023-34117 | Path Traversal vulnerability in Zoom Software Development KIT Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access. | 3.3 |
| 2023-07-11 | CVE-2022-22302 | Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortiauthenticator and Fortios A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem. | 3.3 |
| 2023-07-10 | CVE-2023-34442 | Unspecified vulnerability in Apache Camel Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1 | 3.3 |