MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
NextAuth.js is a complete open source authentication solution for Next.js applications. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.
Flask-AppBuilder is an application development framework built on top of Flask python framework. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.