Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-11 | CVE-2023-34117 | Path Traversal vulnerability in Zoom Software Development KIT Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access. | 3.3 |
| 2023-07-11 | CVE-2022-22302 | Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortiauthenticator and Fortios A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem. | 3.3 |
| 2023-07-10 | CVE-2023-34442 | Unspecified vulnerability in Apache Camel Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1 | 3.3 |
| 2023-07-10 | CVE-2023-3209 | Unspecified vulnerability in Inspireui Mstore API The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both. | 3.5 |
| 2023-07-06 | CVE-2023-30640 | Unspecified vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration. | 3.3 |
| 2023-07-06 | CVE-2023-30667 | Unspecified vulnerability in Samsung Android 13.0 Improper access control in Audio system service prior to SMR Jul-2023 Release 1 allows attacker to send broadcast with system privilege. | 3.3 |
| 2023-07-04 | CVE-2023-2010 | Race Condition vulnerability in Incsub Forminator The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. | 3.1 |
| 2023-07-04 | CVE-2023-25523 | NULL Pointer Dereference vulnerability in Nvidia Cuda Toolkit NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. | 3.3 |
| 2023-06-30 | CVE-2023-3485 | Insecure Default Initialization of Resource vulnerability in Temporal Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. | 3.6 |
| 2023-06-28 | CVE-2023-21512 | Incorrect Default Permissions vulnerability in Samsung Android 11.0/12.0/13.0 Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. | 3.3 |