Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0005 | 1 Intel | 918 Celeron G5205u, Celeron G5205u Firmware, Celeron G5305u and 915 more | 2023-08-08 | 2.1 LOW | 2.4 LOW |
| Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. | |||||
| CVE-2021-36382 | 1 Devolutions | 1 Devolutions Server | 2022-07-12 | 4.3 MEDIUM | 3.7 LOW |
| Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext). | |||||
| CVE-2021-37939 | 1 Elastic | 1 Kibana | 2021-11-23 | 4.0 MEDIUM | 2.7 LOW |
| It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. Using this vulnerability, a malicious user with the ability to create connectors, could utilize these connectors to view limited HTTP response data on hosts accessible to the cluster. | |||||
| CVE-2019-10397 | 1 Jenkins | 1 Aqua Security Severless Scanner | 2021-10-28 | 2.6 LOW | 3.1 LOW |
| Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure. | |||||
| CVE-2021-31815 | 1 Google | 1 Google\/apple Exposure Notifications | 2021-05-07 | 2.1 LOW | 3.3 LOW |
| GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity Identifiers and MAC addresses are written to the Android system log, and many Android devices have applications (preinstalled by the hardware manufacturer or network operator) that read system log data and send it to third parties. NOTE: a news outlet (The Markup) states that they received a vendor response indicating that fix deployment "began several weeks ago and will be complete in the coming days." | |||||
| CVE-2020-27656 | 1 Synology | 1 Diskstation Manager | 2020-11-03 | 4.3 MEDIUM | 3.7 LOW |
| Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors. | |||||
| CVE-2020-0884 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2020-03-17 | 4.3 MEDIUM | 3.7 LOW |
| A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'. | |||||