Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2023-26041 LOW

Nextcloud Talk <15.0.3 - Info Disclosure

CVE-2023-23501 MEDIUM

macOS < 13.2 - Kernel Memory Exposure via Improper Memory Handling

CVE-2023-27265 LOW

Mattermost 5.12.0-7.6.9 - Authenticated Email Address Exposure via Regenerate Invite Id API

CVE-2023-0481 LOW

Quarkus < 2.16.1 - Insecure Temporary File Permissions in FileBodyHandler

CVE-2023-26081 HIGH

Epiphany < 43.1 - Password Exfiltration via Autofill in Sandboxed Contexts

CVE-2023-25192 MEDIUM

AMI MegaRAC SP-X - User Enumeration via Redfish

CVE-2023-21714 MEDIUM

Microsoft 365 Apps and Office Long Term Servicing Channel - Information Disclosure via Out-of-bounds Read

CVE-2023-21687 MEDIUM

Microsoft Windows HTTP.sys - Information Disclosure

CVE-2023-24523 HIGH

SAP Host Agent <7.22 - Privilege Escalation

CVE-2023-21447 MEDIUM

Samsung Cloud < 5.3.0.32 - Improper Access Control via Implicit Intent

CVE-2023-21445 MEDIUM

Samsung Android MyFiles < 12.2.09/13.1.03.501/14.1.00.422 - Unauthenticated Arbitrary File Write via Implicit Intent

CVE-2023-21438 LOW

Samsung Android - Improper Access Control in HomeScreen

CVE-2023-21611 HIGH

Adobe Acrobat Reader <22.003.20282 - Privilege Escalation

CVE-2023-22497 MEDIUM

netdata < 1.37.0 - Improper Authentication via MACHINE_GUID as API Key

CVE-2023-21536 MEDIUM

Event Tracing for Windows - Info Disclosure

CVE-2022-49509 HIGH

Linux Kernel 5.9-5.15.45, 5.16.0-5.17.13, 5.18.0-5.18.2 - Use-After-Free in max9286 I2C Driver

CVE-2022-48757 HIGH

Linux Kernel - Information Disclosure via /proc/net/ptype

CVE-2022-20917 MEDIUM

Cisco Jabber < 12.6.6, < 12.8.8, < 14.1.4 - Authenticated XMPP Message Manipulation via Nested Message Handling

CVE-2022-46901 HIGH

Vocera Report Server & Voice Server <5.8 - Info Disclosure

CVE-2022-43684 CRITICAL

ServiceNow Quebec Rome San Diego Tokyo Utah - Authenticated Exposure of Sensitive Information via ACL Bypass

CVE-2022-40525 HIGH

Qualcomm CSR8811 and IPQ/QCA/QCN Firmware - Information Disclosure via Side Channel Analysis

CVE-2022-40523 HIGH

Qualcomm 9205 LTE Modem Firmware - Information Disclosure via Indirect Branch Misprediction

CVE-2022-40210 MEDIUM

Intel Data Center Manager < 5.0.1 - Authenticated Privilege Escalation via Session Data Exposure

CVE-2022-38087 MEDIUM

Intel(R) Processors - Info Disclosure

CVE-2022-47338 HIGH

Android - Denial of Service in Telecom Service

Previous Page 11 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy