The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the shell output. Rated low severity (CVSS 3.9), this vulnerability is remotely exploitable. No vendor patch available.
An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4 allowed authenticated users to execute the execve() plugin in deployments where this was explicitly. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.