A vulnerability has been identified in Heliox Flex 180 kW EV Charging Station (All versions < F4.11.1), Heliox Mobile DC 40 kW EV Charging Station (All versions < L4.10.1). [CVSS 2.6 LOW]
An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4 all versions, FortiAnalyzer Cloud 7.2 all versions, FortiAnalyzer Cloud 7.0 all versions, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4 all...
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. [CVSS 3.5 LOW]
HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URL [CVSS 3.3 LOW]
In VPU, there is a possible use-after-free read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. [CVSS 2.9 LOW]
A NULL Pointer Dereference vulnerability [CWE-476] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4 all versions, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow an authenticated attacker to crash the HTTP daemon via crafted HTTP requests. [CVSS 2.7 LOW]
Specially crafted ZIP archives can escape the intended extraction directory during Node.js download and extraction in Vaadin 14.2.0 versions up to 14.14.0 is affected by path traversal.
Android versions up to - contains a vulnerability that allows attackers to physical information disclosure with no additional execution privileges needed (CVSS 2.1).
RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. versions up to 0.1.1 is affected by cross-site scripting (xss).