Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-30 | CVE-2023-2117 | Unspecified vulnerability in 10Web Image Optimizer The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitize the dir parameter when handling the get_subdirs ajax action, allowing a high privileged users such as admins to inspect names of files and directories outside of the sites root. | 2.7 |
| 2023-05-29 | CVE-2021-37845 | Unspecified vulnerability in Citadel Webcit An issue was discovered in Citadel through webcit-932. | 3.7 |
| 2023-05-26 | CVE-2023-28322 | An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. | 3.7 |
| 2023-05-26 | CVE-2023-31225 | Unspecified vulnerability in Huawei Emui The Gallery app has the risk of hijacking attacks. | 3.3 |
| 2023-05-25 | CVE-2023-31124 | Use of Insufficiently Random Values vulnerability in multiple products c-ares is an asynchronous resolver library. | 3.7 |
| 2023-05-19 | CVE-2023-28623 | Missing Authorization vulnerability in Zulip Zulip is an open-source team collaboration tool with unique topic-based threading. | 3.7 |
| 2023-05-19 | CVE-2023-32677 | Missing Authorization vulnerability in Zulip Zulip is an open-source team collaboration tool with unique topic-based threading. | 3.1 |
| 2023-05-18 | CVE-2023-28369 | Unspecified vulnerability in Brother Iprint&Scan 6.11.2 Brother iPrint&Scan V6.11.2 and earlier contains an improper access control vulnerability. | 3.3 |
| 2023-05-18 | CVE-2023-20106 | Unspecified vulnerability in Cisco Identity Services Engine 3.1/3.2 Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. | 3.8 |
| 2023-05-17 | CVE-2022-42336 | Unspecified vulnerability in XEN 4.17 Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. | 3.3 |