A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack framework. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.
Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Twig is a template language for PHP. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.
Twig is a template language for PHP. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.