A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one. Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.
Zabbix API user.get returns all users that share common group with the calling user. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary. Rated low severity (CVSS 2.1), this vulnerability is no authentication required. No vendor patch available.
Next.js is a React framework for building full-stack web applications. Rated low severity (CVSS 1.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Arduino IDE 2.x is an IDE based on the Theia IDE framework and built with Electron. Rated low severity (CVSS 1.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.