Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 426–450 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2022-21295 | LOW | Patched | 3.8 | 2022-01-19 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.32. Easily exploitable … |
| CVE-2022-21265 | LOW | Patched | 3.8 | 2022-01-19 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vuln… |
| CVE-2021-25527 | LOW | Patched | 3.8 | 2021-12-08 | Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu wit… |
| CVE-2021-39896 | LOW | Patched | 3.8 | 2021-10-04 | In all versions of GitLab CE/EE since version 8.0, when an admin uses the impersonate feature twice and stops impersonating, the admin may be logged in as the second user t… |
| CVE-2020-25082 | LOW | Patched | 3.8 | 2021-08-10 | An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side… |
| CVE-2021-3595 | LOW | Patched | 3.8 | 2021-06-15 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while process… |
| CVE-2021-3592 | LOW | Patched | 3.8 | 2021-06-15 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while proces… |
| CVE-2021-3593 | LOW | Patched | 3.8 | 2021-06-15 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while process… |
| CVE-2021-3594 | LOW | Patched | 3.8 | 2021-06-15 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processi… |
| CVE-2021-32556 | LOW | Patched | 3.8 | 2021-06-12 | It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the d… |
| CVE-2021-3039 | LOW | Patched | 3.8 | 2021-06-10 | An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authen… |
| CVE-2020-10065 | LOW | Patched | 3.8 | 2021-05-25 | Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more informa… |
| CVE-2021-24242 | LOW | Patched | 3.8 | 2021-04-22 | The Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.8 is affected by a local file inclusion vulnerability through the maliciously constructed s… |
| CVE-2021-22497 | LOW | Patched | 3.8 | 2021-04-12 | Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. |
| CVE-2021-21529 | LOW | Patched | 3.8 | 2021-04-02 | Dell System Update (DSU) 1.9 and earlier versions contain a denial of service vulnerability. A local authenticated malicious user with low privileges may potentially exploi… |
| CVE-2021-25775 | LOW | Patched | 3.8 | 2021-02-03 | In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. |
| CVE-2021-1998 | LOW | Patched | 3.8 | 2021-01-20 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vuln… |
| CVE-2020-4919 | LOW | Patched | 3.8 | 2021-01-04 | IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to impersonate another user on the system. IBM X-Force ID: 191395. |
| CVE-2020-11947 | LOW | 3.8 | 2020-12-31 | iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. | |
| CVE-2020-16128 | LOW | 3.8 | 2020-12-09 | The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions p… | |
| CVE-2020-14736 | LOW | 3.8 | 2020-10-21 | Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulner… | |
| CVE-2020-13307 | LOW | Patched | 3.8 | 2020-09-15 | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not revoking current user sessions when 2 factor authentication was activate… |
| CVE-2020-13304 | LOW | Patched | 3.8 | 2020-09-14 | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Same 2 factor Authentication secret code was generated which resulted an attacker to ma… |
| CVE-2020-13297 | LOW | Patched | 3.8 | 2020-09-14 | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that… |
| CVE-2020-13302 | LOW | Patched | 3.8 | 2020-09-14 | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and allowed a m… |