Winner (aka ToneWinner) desktop speakers through 2021-08-09 allow remote attackers to recover speech signals from the power-indicator LED via a telescope and an electro-optical sensor, aka a. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Dell Wyse ThinOS, versions 9.0, 9.1, and 9.1 MR1, contain a Sensitive Information Disclosure Vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
Dell Wyse ThinOS, version 9.0, contains a Sensitive Information Disclosure Vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity.
A vulnerability has been identified in JT2Go (All versions < V13.2.0.2), Teamcenter Visualization (All versions < V13.2.0.2). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.