Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-02 | CVE-2023-6467 | Unspecified vulnerability in Thecosy Icecms 2.0.1 A vulnerability was found in Thecosy IceCMS 2.0.1. | 3.7 |
| 2023-12-01 | CVE-2023-28896 | Inadequate Encryption Strength vulnerability in Preh Mib3 Firmware Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022. | 2.4 |
| 2023-12-01 | CVE-2023-4658 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. | 3.1 |
| 2023-12-01 | CVE-2023-43089 | Unspecified vulnerability in Dell Rugged Control Center Dell Rugged Control Center, version prior to 4.7, contains insufficient protection for the Policy folder. | 3.3 |
| 2023-11-29 | CVE-2023-49652 | Missing Authorization vulnerability in Jenkins Google Compute Engine Incorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11 and earlier allow attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate system-scoped credentials IDs of credentials stored in Jenkins and to connect to Google Cloud Platform using attacker-specified credentials IDs obtained through another method, to obtain information about existing projects. | 2.7 |
| 2023-11-28 | CVE-2023-29062 | Improper Authentication vulnerability in BD Facschorus The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. | 3.8 |
| 2023-11-28 | CVE-2023-29063 | Missing Authentication for Critical Function vulnerability in BD Facschorus The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. | 2.4 |
| 2023-11-28 | CVE-2023-29066 | Improper Privilege Management vulnerability in BD Facschorus The FACSChorus software does not properly assign data access privileges for operating system user accounts. | 3.5 |
| 2023-11-24 | CVE-2023-48711 | Unspecified vulnerability in Cjvnjde Google Translate API Browser google-translate-api-browser is an npm package which interfaces with the google translate web api. | 3.7 |
| 2023-11-24 | CVE-2023-6251 | Cross-Site Request Forgery (CSRF) vulnerability in Checkmk 2.0.0/2.1.0/2.2.0 Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. | 3.5 |