The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Organization admins can delete pending invites created in an organization they are not part of. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.