ipl/web is a set of common web components for php projects. Rated low severity (CVSS 3.9), this vulnerability is remotely exploitable. No vendor patch available.
The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places sensitive information in the system log. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.