Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2023-25954 MEDIUM

KYOCERA Mobile Print < 3.2.0.230119 - Unauthenticated Arbitrary File Download via Intent Handling

CVE-2023-25409 HIGH

Aten PE8108 2.4.232 - Incorrect Access Control

CVE-2023-26588 HIGH

Buffalo network devices <1.10-0.03 - Info Disclosure

CVE-2023-26458 MEDIUM

SAP Landscape Management <3.0 - Info Disclosure

CVE-2023-29192 LOW

SilverwareGames.io <1.2.19 - Info Disclosure

CVE-2023-1777 MEDIUM

Mattermost < 7.1.6 and 7.8.0 - Unauthorized Message Content Exposure via createPost API

CVE-2023-1775 MEDIUM

Mattermost Server < 7.1.6 - Unauthorized Sensitive Information Exposure via Websocket Event Broadcast

CVE-2023-28336 MEDIUM

Moodle 3.9.0-3.9.19 and 4.1.0-4.1.1 - Exposure of Sensitive Information via Grade Report History

CVE-2023-1402 MEDIUM

Moodle - Information Disclosure via Course Participation Report

CVE-2023-28433 HIGH

Minio <RELEASE.2023-03-20T20-16-18Z - Privilege Escalation

CVE-2023-1562 LOW

Mattermost < 7.5.0 - Exposure of Sensitive Information via Focalboard API

CVE-2023-24906 MEDIUM

Microsoft PostScript and PCL6 Class Printer Driver - Info Disclosure

CVE-2023-24870 MEDIUM

Microsoft PostScript and PCL6 Class Printer Driver - Info Disclosure

CVE-2023-24866 MEDIUM

Microsoft PostScript and PCL6 Class Printer Driver - Info Disclosure

CVE-2023-24863 MEDIUM

Microsoft PostScript and PCL6 Class Printer Driver - Info Disclosure

CVE-2023-23409 MEDIUM

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Information Disclosure in Client Server Run-Time Subsystem

CVE-2023-23394 MEDIUM

Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Information Disclosure via CSRSS Untrusted Pointer Dereference

CVE-2023-25802 HIGH

roxy-wi < 6.3.6.0 - Path Traversal via Directory Traversal Sequences

CVE-2023-22892 HIGH

SmartBear Zephyr Enterprise <= 7.15.0 - Unauthenticated Arbitrary File Read

CVE-2023-20061 MEDIUM

Cisco Unified Intelligence Center - SSRF

CVE-2023-25536 MEDIUM

Dell PowerScale OneFS 9.4.0.0-9.4.0.10 - Authenticated Exposure of Sensitive Information in Certificate Management

CVE-2023-25544 HIGH

Dell NetWorker < 19.6 - Apache Tomcat Version Disclosure

CVE-2023-24567 HIGH

Dell NetWorker <19.5 - Info Disclosure

CVE-2023-22777 MEDIUM

ArubaOS 8.6.0.0-8.6.0.18 and SD-WAN 8.7.0.0-2.3.0.0-8.7.0.0-2.3.0.7 - Authenticated Arbitrary File Read

CVE-2023-22775 MEDIUM

Aruba SD-WAN 8.7.0.0-2.3.0.0-8.7.0.0-2.3.0.7 and ArubaOS 8.6.0.0-8.6.0.18 - Authenticated Information Disclosure via CLI

Previous Page 10 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy