Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2024-01-10 CVE-2023-49619 Race Condition vulnerability in Apache Answer
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarked once.
network
high complexity
apache CWE-362
3.1
2024-01-09 CVE-2024-0351 Session Fixation vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0
A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0.
network
low complexity
engineers-online-portal-project CWE-384
3.5
2024-01-09 CVE-2024-0347 Weak Password Requirements vulnerability in Engineers Online Portal Project Engineers Online Portal 1.0
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic.
network
high complexity
engineers-online-portal-project CWE-521
3.7
2024-01-05 CVE-2023-34321 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
Arm provides multiple helpers to clean & invalidate the cache for a given region.
local
low complexity
xen CWE-119
3.3
2024-01-05 CVE-2023-46837 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in XEN
Arm provides multiple helpers to clean & invalidate the cache for a given region.
local
low complexity
xen CWE-119
3.3
2024-01-04 CVE-2024-22047 Race Condition vulnerability in Collectiveidea Audited
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.
network
high complexity
collectiveidea CWE-362
3.1
2024-01-04 CVE-2024-20807 Unspecified vulnerability in Samsung Email 6.1.82.0
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information.
local
low complexity
samsung
3.3
2024-01-03 CVE-2024-0217 Use After Free vulnerability in multiple products
A use-after-free flaw was found in PackageKitd.
3.3
2024-01-02 CVE-2020-26623 SQL Injection vulnerability in Gilacms Gila CMS
SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the login portal.
network
low complexity
gilacms CWE-89
3.8
2024-01-02 CVE-2020-26624 SQL Injection vulnerability in Gilacms Gila CMS
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal.
network
low complexity
gilacms CWE-89
3.8