Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-47111 | Unspecified vulnerability in Zitadel ZITADEL provides identity infrastructure. | 3.7 |
| 2023-11-08 | CVE-2023-26221 | Insufficiently Protected Credentials vulnerability in Tibco products The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with read/write access to craft malicious Analyst files. | 3.9 |
| 2023-11-07 | CVE-2023-42542 | Unspecified vulnerability in Samsung Push Service Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device. | 3.3 |
| 2023-11-07 | CVE-2023-42552 | Unspecified vulnerability in Samsung Firewall 12.1.00.24/13.1.00.16 Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall. | 3.3 |
| 2023-11-06 | CVE-2023-4535 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. | 3.8 |
| 2023-11-02 | CVE-2023-5920 | Unspecified vulnerability in Mattermost Desktop Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input. | 3.3 |
| 2023-10-31 | CVE-2023-37833 | Improper Input Validation vulnerability in Elenos Etg150 Firmware 3.12 Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users. | 2.7 |
| 2023-10-31 | CVE-2023-43295 | Cross-Site Request Forgery (CSRF) vulnerability in Clickstudios Passwordstate 9.7 Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request. | 3.5 |
| 2023-10-31 | CVE-2023-5862 | Unspecified vulnerability in Hamza417 Inure Missing Authorization in GitHub repository hamza417/inure prior to Build95. | 3.3 |
| 2023-10-30 | CVE-2023-5349 | Memory Leak vulnerability in multiple products A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. | 3.3 |