Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 326–350 of 14,631 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-58156 | LOW | Patched | 1.9 | 2025-08-29 | Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all authentication token deta… |
| CVE-2025-21096 | LOW | 1.9 | 2025-08-12 | Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | |
| CVE-2025-47729 | LOW | Patched | 1.9 | 2025-05-08 | The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than d… |
| CVE-2024-53855 | LOW | Patched | 1.9 | 2024-11-27 | Centurion ERP (Enterprise Rescource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITS… |
| CVE-2023-31305 | LOW | 1.9 | 2024-08-13 | Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engine… | |
| CVE-2023-20518 | LOW | 1.9 | 2024-08-13 | Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulne… | |
| CVE-2023-20512 | LOW | 1.9 | 2024-08-13 | A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage. | |
| CVE-2024-42155 | LOW | Patched | 1.9 | 2024-07-30 | In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor … |
| CVE-2024-29963 | LOW | Patched | 1.9 | 2024-04-19 | Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't have access to remote Docker registries. |
| CVE-2023-20526 | LOW | Patched | 1.9 | 2023-11-14 | Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss… |
| CVE-2022-46298 | LOW | Patched | 1.9 | 2023-11-14 | Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2022-46301 | LOW | Patched | 1.9 | 2023-11-14 | Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2022-41659 | LOW | Patched | 1.9 | 2023-11-14 | Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2021-26345 | LOW | Patched | 1.9 | 2023-11-14 | Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial … |
| CVE-2022-23830 | LOW | Patched | 1.9 | 2023-11-14 | SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity. |
| CVE-2022-36330 | LOW | Patched | 1.9 | 2023-05-10 | A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, … |
| CVE-2022-34377 | LOW | Patched | 1.9 | 2023-02-10 | Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may pote… |
| CVE-2022-4610 | LOW | Patched | 1.9 | 2022-12-19 | A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is so… |
| CVE-2022-29836 | LOW | Patched | 1.9 | 2022-11-09 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability was discovered via an HTTP API on Western Digital My Cloud Home; My Cloud Home … |
| CVE-2022-36852 | LOW | 1.9 | 2022-09-09 | Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data. | |
| CVE-2022-36857 | LOW | Patched | 1.9 | 2022-09-09 | Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. |
| CVE-2022-30728 | LOW | 1.9 | 2022-06-07 | Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information. | |
| CVE-2022-30714 | LOW | 1.9 | 2022-06-07 | Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information. | |
| CVE-2022-25830 | LOW | Patched | 1.9 | 2022-03-10 | Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log |
| CVE-2022-25829 | LOW | Patched | 1.9 | 2022-03-10 | Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log |