Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-06 | CVE-2022-42769 | Out-of-bounds Read vulnerability in Google Android 10.0/11.0/12.0 In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | 3.3 |
| 2022-12-06 | CVE-2022-34881 | Information Exposure Through an Error Message vulnerability in Hitachi Jp1/Automatic Operation Generation of Error Message Containing Sensitive Information vulnerability in Hitachi JP1/Automatic Operation allows local users to gain sensitive information. This issue affects JP1/Automatic Operation: from 10-00 through 10-54-03, from 11-00 before 11-51-09, from 12-00 before 12-60-01. | 3.3 |
| 2022-12-02 | CVE-2022-4270 | Improper Privilege Management vulnerability in M-Files Server 22.2.11051.0/22.3.11237.3 Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally. | 2.6 |
| 2022-12-01 | CVE-2022-41969 | Weak Password Requirements vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 2.7 |
| 2022-12-01 | CVE-2022-3710 | SQL Injection vulnerability in Sophos XG Firewall Firmware 17.0/17.5/18.0 A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA. | 2.7 |
| 2022-11-30 | CVE-2022-46156 | Unspecified vulnerability in Grafana Synthetic Monitoring Agent The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring application provides probe functionality and executes network checks for monitoring remote targets. | 3.3 |
| 2022-11-30 | CVE-2022-45842 | Unspecified vulnerability in Wpulike WP Ulike Unauth. | 3.7 |
| 2022-11-25 | CVE-2022-41954 | Unspecified vulnerability in Mpxj MPXJ is an open source library to read and write project plans from a variety of file formats and databases. | 3.3 |
| 2022-11-25 | CVE-2022-38377 | Unspecified vulnerability in Fortinet Fortianalyzer and Fortimanager An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.0 through 6.0.12 may allow a remote and authenticated admin user assigned to a specific ADOM to access other ADOMs information such as device information and dashboard information. | 2.7 |
| 2022-11-23 | CVE-2020-23587 | Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028 A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to men in the middle attack by adding New Routes in RoutingConfiguration on " /routing.asp ". | 3.1 |