Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2022-46257 MEDIUM

GitHub Enterprise Server - Info Disclosure

CVE-2022-44310 HIGH

ecdh < 0.2.0 - Exposure of Resource to Wrong Sphere via Invalid Public Key

CVE-2022-39952 CRITICAL

Fortinet FortiNAC keyUpload.jsp arbitrary file write

CVE-2022-34387 MEDIUM

Dell SupportAssist < 3.11.4 (Home) / < 3.2.0 (Business) - Privilege Escalation via Insecure Temporary File

CVE-2022-34364 MEDIUM

BSAFE SSL-J <6.5, 7.0 - Info Disclosure

CVE-2022-4903 MEDIUM

CodenameOne < 7.0.71 - Use of Implicit Intent for Sensitive Communication

CVE-2022-34452 LOW

Dell PowerPath Management Appliance 3.0-3.3 - Authenticated Sensitive Information Disclosure via Log Files

CVE-2022-46756 HIGH

Dell VxRail < 7.0.410 - Container Escape and OS Command Execution

CVE-2022-22732 LOW

EcoStruxure Power Commission < 2.22 - Exposure of Resource to Wrong Sphere via Fetch Request

CVE-2022-26329 LOW

NetIQ Identity Manager <4.8.5 - Info Disclosure

CVE-2022-45438 MEDIUM

Apache Superset <=1.5.2 and 2.0.0 - Unauthenticated Exposure of Dashboard Metadata via REST API

CVE-2022-24913 MEDIUM

java-merge-sort < 1.1.0 - Insecure Temporary File via StdTempFileProvider

CVE-2022-45935 MEDIUM

Apache James < 3.7.2 - Unprotected User Data Exposure via Temporary Files

CVE-2022-0337 MEDIUM

Google Chrome <97.0.4692.71 - Info Disclosure

CVE-2022-48198 CRITICAL

ntpd_driver < 1.3.0 and 2.x < 2.2.0 - Unauthenticated Exposure of Resource to Wrong Sphere via time_ref_topic Parameter

CVE-2022-4817 LOW

centic9 jgit-cookbook - Insecure Temp File

CVE-2022-45895 MEDIUM

Planet eStream < 6.72.10.07 - Sensitive Information Exposure via ON Cookie and WhoAmI Endpoint

CVE-2022-38474 MEDIUM

Firefox < 104.0 for Android - Unauthenticated Audio Recording Without Notification

CVE-2022-31596 MEDIUM

SAP BusinessObjects <430 - Info Disclosure

CVE-2022-38599 MEDIUM

Teleport v3.2.2 v3.5.6-rc6 v3.6.3-b2 - Information Leak via /user/get-role-list

CVE-2022-32221 CRITICAL

curl - Exposure of Sensitive Information via Reused Handle Logic

CVE-2022-41971 MEDIUM

Nextcloud Talk 12.0.0-12.2.7 - Unauthorized Video Stream Access After Removal

CVE-2022-43901 MEDIUM

IBM WebSphere Automation <1.4.3 - Info Disclosure

CVE-2022-1911 MEDIUM

M-Files Server <22.6.11534.1, <22.6.11505.0 - Info Disclosure

CVE-2022-21126 HIGH

htsjdk < 3.0.1 - Insecure Temporary Directory Creation in IOUtil.createTempDir()

Previous Page 12 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy