Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-12 | CVE-2022-0005 | Cleartext Transmission of Sensitive Information vulnerability in Intel products Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. | 2.4 |
| 2022-05-11 | CVE-2022-28252 | Out-of-bounds Read vulnerability in Adobe products Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. | 3.3 |
| 2022-05-11 | CVE-2021-26342 | Unspecified vulnerability in AMD products In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a particular sequence of operations that includes creation of a new virtual machine control block (VMCB). | 3.3 |
| 2022-05-11 | CVE-2022-1426 | Improper Authentication vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. | 3.7 |
| 2022-05-09 | CVE-2022-28162 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.1.1.8 Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text. | 3.3 |
| 2022-05-06 | CVE-2021-27751 | Insufficient Session Expiration vulnerability in Hcltechsw HCL Commerce HCL Commerce is affected by an Insufficient Session Expiration vulnerability. | 3.3 |
| 2022-05-03 | CVE-2022-28784 | Path Traversal vulnerability in Google Android 10.0/11.0/12.0 Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. | 3.3 |
| 2022-05-03 | CVE-2022-28790 | Improper Authentication vulnerability in Samsung Link to Windows Service Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to lock the device. | 3.3 |
| 2022-05-01 | CVE-2022-21149 | Cross-site Scripting vulnerability in S-Cart The package s-cart/s-cart before 6.9; the package s-cart/core before 6.9 are vulnerable to Cross-site Scripting (XSS) which can lead to cookie stealing of any victim that visits the affected URL so the attacker can gain unauthorized access to that user's account through the stolen cookie. | 3.5 |
| 2022-04-29 | CVE-2022-1249 | NULL Pointer Dereference vulnerability in Pesign Project Pesign A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. | 3.3 |