In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which. Rated low severity (CVSS 3.6). Public exploit code available.
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.