Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-08 | CVE-2023-23523 | Unspecified vulnerability in Apple Iphone OS A logic issue was addressed with improved restrictions. | 3.3 |
| 2023-05-08 | CVE-2023-23541 | Unspecified vulnerability in Apple Iphone OS A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
| 2023-05-08 | CVE-2023-23543 | Unspecified vulnerability in Apple Macos The issue was addressed with additional restrictions on the observability of app states. | 3.6 |
| 2023-05-08 | CVE-2023-27928 | Unspecified vulnerability in Apple products A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
| 2023-05-08 | CVE-2023-28194 | Unspecified vulnerability in Apple Iphone OS The issue was addressed with improved checks. | 3.3 |
| 2023-05-04 | CVE-2023-21487 | Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting. | 3.3 |
| 2023-05-04 | CVE-2023-31413 | Information Exposure Through Log Files vulnerability in Elastic Filebeat 8.6.2 Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled. | 3.3 |
| 2023-05-01 | CVE-2023-2197 | Inadequate Encryption Strength vulnerability in Hashicorp Vault 1.13.0 HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKM_AES_CBC_PAD or CKM_AES_CBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in order to derive Vault’s root key. | 2.5 |
| 2023-04-28 | CVE-2023-30857 | Unspecified vulnerability in Aedart ION @aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. | 3.7 |
| 2023-04-28 | CVE-2023-28473 | Improper Authentication vulnerability in Concretecms Concrete CMS Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section. | 3.3 |