Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-16 | CVE-2023-25186 | Path Traversal vulnerability in Nokia Asika Airscale Firmware An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. | 2.8 |
2023-06-16 | CVE-2023-3291 | Unspecified vulnerability in Gpac Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | 3.3 |
2023-06-13 | CVE-2023-34115 | Classic Buffer Overflow vulnerability in Zoom Meeting SDK Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. | 3.8 |
2023-06-13 | CVE-2023-20867 | A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. | 3.9 |
2023-06-13 | CVE-2022-42474 | Path Traversal vulnerability in Fortinet Fortiproxy and Fortiswitchmanager A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests. | 2.7 |
2023-06-13 | CVE-2023-32114 | Unspecified vulnerability in SAP Netweaver SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application. | 2.7 |
2023-06-09 | CVE-2023-1430 | Unspecified vulnerability in Wpmanageninja Fluentcrm The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.7.40 due to the use of an MD5 hash without a salt to control subscriptions. | 3.7 |
2023-06-08 | CVE-2023-33847 | Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies. | 3.1 |
2023-06-07 | CVE-2023-24476 | Unspecified vulnerability in PTC Vuforia Studio An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or session are valid. | 3.3 |
2023-06-07 | CVE-2023-33849 | Missing Encryption of Sensitive Data vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. | 3.7 |