Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2023-06-16 CVE-2023-25186 Path Traversal vulnerability in Nokia Asika Airscale Firmware
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B.
local
low complexity
nokia CWE-22
2.8
2023-06-16 CVE-2023-3291 Unspecified vulnerability in Gpac
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.
local
low complexity
gpac
3.3
2023-06-13 CVE-2023-34115 Classic Buffer Overflow vulnerability in Zoom Meeting SDK
Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access.
local
low complexity
zoom CWE-120
3.8
2023-06-13 CVE-2023-20867 A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
local
high complexity
vmware debian fedoraproject
3.9
2023-06-13 CVE-2022-42474 Path Traversal vulnerability in Fortinet Fortiproxy and Fortiswitchmanager
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
network
low complexity
fortinet CWE-22
2.7
2023-06-13 CVE-2023-32114 Unspecified vulnerability in SAP Netweaver
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.
network
low complexity
sap
2.7
2023-06-09 CVE-2023-1430 Unspecified vulnerability in Wpmanageninja Fluentcrm
The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.7.40 due to the use of an MD5 hash without a salt to control subscriptions.
network
high complexity
wpmanageninja
3.7
2023-06-08 CVE-2023-33847 Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
ibm
3.1
2023-06-07 CVE-2023-24476 Unspecified vulnerability in PTC Vuforia Studio
An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid.
local
low complexity
ptc
3.3
2023-06-07 CVE-2023-33849 Missing Encryption of Sensitive Data vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques.
network
high complexity
ibm CWE-311
3.7