Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-39342 Unspecified vulnerability in Freedom Dangerzone
Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs.
local
low complexity
freedom
3.6
2023-08-08 CVE-2023-39978 Memory Leak vulnerability in multiple products
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
local
low complexity
imagemagick fedoraproject CWE-401
3.3
2023-08-04 CVE-2023-38700 Unspecified vulnerability in Matrix IRC Bridge
matrix-appservice-irc is a Node.js IRC bridge for Matrix.
network
high complexity
matrix
3.7
2023-08-03 CVE-2023-26979 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Bluetens Bluetensq 4.3.15
Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel.
high complexity
bluetens CWE-924
3.1
2023-08-02 CVE-2023-26438 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Open-Xchange Appsuite Backend 7.10.6/8.10.0
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cache.
network
high complexity
open-xchange CWE-367
3.1
2023-08-02 CVE-2023-26442 Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite Office 7.8.3
In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by that backend.
local
high complexity
open-xchange CWE-918
3.2
2023-08-02 CVE-2023-4016 Out-of-bounds Write vulnerability in multiple products
Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
local
low complexity
procps-project fedoraproject CWE-787
3.3
2023-07-29 CVE-2022-4923 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic.
network
high complexity
google
3.1
2023-07-28 CVE-2023-37904 Unspecified vulnerability in Discourse
Discourse is an open source discussion platform.
network
high complexity
discourse
3.1
2023-07-27 CVE-2023-37900 Unspecified vulnerability in Cncf Crossplane
Crossplane is a framework for building cloud native control planes without needing to write code.
network
low complexity
cncf
2.7