Vulnerabilities > Low

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-09-09 | CVE-2022-36877 | Information Exposure Through Log Files vulnerability in Samsung Members | Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log. | local | low | samsung | CWE-532 | 3.3 |
| 2022-09-09 | CVE-2022-36878 | Information Exposure vulnerability in Samsung Find My Mobile | Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows a local attacker to access IMEI via log. | local | low | samsung | CWE-200 | 3.3 |
| 2022-09-09 | CVE-2022-38701 | Out-of-bounds Write vulnerability in multiple products | OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. | local | low | openharmony, openatom | CWE-787 | 3.3 |
| 2022-09-08 | CVE-2022-22314 | Unspecified vulnerability in IBM Planning Analytics Workspace 2.0 | IBM Planning Analytics Local 2.0 allows web pages to be stored locally which can be read by another user on the system. | local | low | ibm | | 3.3 |
| 2022-09-06 | CVE-2022-1697 | Unquoted Search Path or Element vulnerability in Okta Active Directory Agent | Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. | local | high | okta | CWE-428 | 3.9 |
| 2022-09-06 | CVE-2022-29053 | Unspecified vulnerability in Fortinet FortiOS | A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 through 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it. | local | low | fortinet | | 3.3 |
| 2022-09-06 | CVE-2022-2945 | Path Traversal vulnerability in Connekthq Ajax Load More | The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.5.3 via the 'type' parameter found in the alm_get_layout() function. | network | low | connekthq | CWE-22 | 2.7 |
| 2022-09-06 | CVE-2022-35931 | Inadequate Encryption Strength vulnerability in Nextcloud Password Policy | Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. | network | low | nextcloud | CWE-326 | 2.7 |
| 2022-09-01 | CVE-2022-2256 | Cross-site Scripting vulnerability in Red Hat Single Sign-On 7.0 | A Stored Cross-site scripting (XSS) vulnerability was found in Keycloak as shipped in Red Hat Single Sign-On 7. | network | low | redhat | CWE-79 | 3.8 |
| 2022-08-29 | CVE-2022-2556 | Unspecified vulnerability in Mailchimp for WooCommerce | The Mailchimp for WooCommerce WordPress plugin before 2.7.2 has an AJAX action that allows high privilege users to perform a POST request on behalf of the server to the internal network/LAN. The body of the request is also appended to the response, so it can be used to scan a private network, for example. | network | low | mailchimp | | 2.7 |