A validation issue was addressed with improved logic. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A permissions issue was addressed with improved validation. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A permissions issue was addressed with improved validation. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Server Side Request Forgery (SSRF) vulnerability exists in owncloud/user_ldap < 0.15.4 in the settings of the user_ldap app. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An issue existed with authenticating the action triggered by an NFC tag. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Description: A person with physical access may be able to access contacts. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.