Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-4654 Unspecified vulnerability in Instantcms
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository instantsoft/icms2 prior to 2.16.1.
network
low complexity
instantcms
3.5
2023-08-30 CVE-2023-41041 Unspecified vulnerability in Graylog
Graylog is a free and open log management platform.
network
high complexity
graylog
3.1
2023-08-30 CVE-2023-4624 Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.
network
low complexity
bookstackapp CWE-918
2.4
2023-08-29 CVE-2023-0654 Improper Restriction of Rendered UI Layers or Frames vulnerability in Cloudflare Warp
Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack.
network
high complexity
cloudflare CWE-1021
3.7
2023-08-22 CVE-2020-19909 Integer Overflow or Wraparound vulnerability in Haxx Curl 7.65.2
Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay.
local
low complexity
haxx CWE-190
3.3
2023-08-21 CVE-2023-39061 Cross-Site Request Forgery (CSRF) vulnerability in Chamilo
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code.
network
low complexity
chamilo CWE-352
3.5
2023-08-18 CVE-2023-4413 Information Exposure Through Log Files vulnerability in Rootkit Hunter Project Rootkit Hunter 1.4.4/1.4.6
** DISPUTED ** A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6.
local
high complexity
rootkit-hunter-project CWE-532
2.5
2023-08-17 CVE-2023-25647 Incorrect Authorization vulnerability in ZTE products
There is a permission and access control vulnerability in some ZTE mobile phones.
local
low complexity
zte CWE-863
3.3
2023-08-16 CVE-2023-32453 Unspecified vulnerability in Dell products
Dell BIOS contains an improper authentication vulnerability.
low complexity
dell
3.9
2023-08-15 CVE-2023-39842 Missing Encryption of Sensitive Data vulnerability in Mydigoo Dg-Hamb Smart Home Security System Firmware 1.0
Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
low complexity
mydigoo CWE-311
2.4