An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Microsoft Word Security Feature Bypass Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.
In some Lenovo Desktop models, the Configuration Change Detection BIOS setting failed to detect SATA configuration changes. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.