Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2022-06-27 CVE-2022-2106 Path Traversal vulnerability in Smartics 2.3.4.0
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.
network
low complexity
smartics CWE-22
2.7
2.7
2022-06-25 CVE-2022-31017 Unspecified vulnerability in Zulip
Zulip is an open-source team collaboration tool.
network
high complexity
zulip
2.6
2.6
2022-06-24 CVE-2021-20551 Exposure of Resource to Wrong Sphere vulnerability in IBM Jazz Team Server
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-668
3.3
3.3
2022-06-18 CVE-2022-33981 Use After Free vulnerability in multiple products
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
local
low complexity
linux debian CWE-416
3.3
3.3
2022-06-15 CVE-2022-31071 Unspecified vulnerability in Octopoller Project Octopoller 0.2.0
Octopoller is a micro gem for polling and retrying.
local
low complexity
octopoller-project
3.3
3.3
2022-06-15 CVE-2022-31072 Unspecified vulnerability in Octokit Project Octokit 4.23.0/4.24.0
Octokit is a Ruby toolkit for the GitHub API.
local
low complexity
octokit-project
3.3
3.3
2022-06-14 CVE-2022-29615 Unspecified vulnerability in SAP Netweaver Developer Studio 7.50
SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x.
local
low complexity
sap
3.4
3.4
2022-06-14 CVE-2022-29482 Improper Certificate Validation vulnerability in Dena Mobaoku-Auction & Flea Market
'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
network
high complexity
dena CWE-295
3.7
3.7
2022-06-13 CVE-2022-2061 Out-of-bounds Write vulnerability in Chafa Project Chafa
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0.
local
low complexity
chafa-project CWE-787
3.3
3.3
2022-06-10 CVE-2022-22426 Unspecified vulnerability in IBM Spectrum Copy Data Management
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management.
local
low complexity
ibm
3.3
3.3