Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2023-11-07 CVE-2023-42542 Unspecified vulnerability in Samsung Push Service
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device.
local
low complexity
samsung
3.3
2023-11-07 CVE-2023-42552 Unspecified vulnerability in Samsung Firewall 12.1.00.24/13.1.00.16
Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall.
local
low complexity
samsung
3.3
2023-11-06 CVE-2023-4535 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption.
3.8
2023-11-02 CVE-2023-5920 Unspecified vulnerability in Mattermost Desktop
Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for other processes to read the keyboard input.
local
low complexity
mattermost
3.3
2023-10-31 CVE-2023-37833 Improper Input Validation vulnerability in Elenos Etg150 Firmware 3.12
Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users.
network
low complexity
elenos CWE-20
2.7
2023-10-31 CVE-2023-43295 Cross-Site Request Forgery (CSRF) vulnerability in Clickstudios Passwordstate 9.7
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785 and before allows a local attacker to execute arbitrary code via a crafted request.
network
low complexity
clickstudios CWE-352
3.5
2023-10-31 CVE-2023-5862 Unspecified vulnerability in Hamza417 Inure
Missing Authorization in GitHub repository hamza417/inure prior to Build95.
local
low complexity
hamza417
3.3
2023-10-30 CVE-2023-5349 Memory Leak vulnerability in multiple products
A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick.
local
low complexity
rmagick fedoraproject CWE-401
3.3
2023-10-30 CVE-2023-21345 Information Exposure Through Discrepancy vulnerability in Google Android
In Game Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2023-10-30 CVE-2023-21346 Information Exposure Through Discrepancy vulnerability in Google Android
In the Device Idle Controller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3