Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-25 | CVE-2023-38496 | Unspecified vulnerability in Lfprojects Apptainer 1.2.0 Apptainer is an open source container platform. | 3.3 |
| 2023-07-25 | CVE-2023-37361 | SQL Injection vulnerability in Vanderbilt Redcap REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose, app_title, or randomization. | 2.7 |
| 2023-07-21 | CVE-2023-25840 | Unspecified vulnerability in Esri Arcgis Server 10.8.1/10.9.0/10.9.1 There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. | 3.4 |
| 2023-07-21 | CVE-2023-3803 | Unrestricted Upload of File with Dangerous Type vulnerability in Cdwanjiang Flash Flood Disaster Monitoring and Warning System 2.0 A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. | 3.7 |
| 2023-07-20 | CVE-2023-3072 | Missing Authorization vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. | 3.8 |
| 2023-07-20 | CVE-2023-3299 | Exposure of Resource to Wrong Sphere vulnerability in Hashicorp Nomad HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. | 2.7 |
| 2023-07-19 | CVE-2023-3674 | A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. | 2.8 |
| 2023-07-17 | CVE-2023-3584 | Incorrect Authorization vulnerability in Mattermost Server Mattermost fails to properly check the authorization of POST /api/v4/teams when passing a team override scheme ID in the request, allowing an authenticated attacker with knowledge of a Team Override Scheme ID to create a new team with said team override scheme. | 3.1 |
| 2023-07-17 | CVE-2023-3587 | Missing Authorization vulnerability in Mattermost Server Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions. | 2.7 |
| 2023-07-17 | CVE-2023-3613 | Incorrect Authorization vulnerability in Mattermost Server Mattermost WelcomeBot plugin fails to to validate the membership status when inviting or adding users to channels allowing guest accounts to be added or invited to channels by default. | 3.5 |