Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-20 | CVE-2023-26427 | Incorrect Permission Assignment for Critical Resource vulnerability in Open-Xchange Appsuite Backend Default permissions for a properties file were too permissive. | 3.3 |
| 2023-06-19 | CVE-2022-48506 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Dominionvoting Democracy Suite A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. | 2.4 |
| 2023-06-19 | CVE-2023-34414 | Improper Certificate Validation vulnerability in Mozilla Firefox The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. | 3.1 |
| 2023-06-16 | CVE-2023-25186 | Path Traversal vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 2.8 |
| 2023-06-16 | CVE-2023-3291 | Unspecified vulnerability in Gpac Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | 3.3 |
| 2023-06-13 | CVE-2023-34115 | Classic Buffer Overflow vulnerability in Zoom Meeting SDK Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. | 3.8 |
| 2023-06-13 | CVE-2023-20867 | Improper Authentication vulnerability in multiple products A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. | 3.9 |
| 2023-06-13 | CVE-2022-42474 | Path Traversal vulnerability in Fortinet Fortiproxy and Fortiswitchmanager A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests. | 2.7 |
| 2023-06-13 | CVE-2023-32114 | Unspecified vulnerability in SAP Netweaver SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application. | 2.7 |
| 2023-06-09 | CVE-2023-1430 | Unspecified vulnerability in Wpmanageninja Fluentcrm The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.7.40 due to the use of an MD5 hash without a salt to control subscriptions. | 3.7 |