Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2022-41954 LOW

mpxj < 10.14.1 - Insecure Temporary File Permissions on Unix-like Systems

CVE-2022-38813 HIGH

PHPGurukul Blood Donor Mgmt <1.0 - Info Disclosure

CVE-2022-41946 MEDIUM

PostgreSQL JDBC Driver 42.2.0-42.2.27 - Insecure Temporary File Creation via InputStream Handling

CVE-2022-3952 LOW

ManyDesigns Portofino < 5.3.3 - Insecure Temporary File Permissions in WarFileLauncher.java

CVE-2022-41874 LOW

Tauri <1.0.7-1.1.2 - Info Disclosure

CVE-2022-3866 MEDIUM

HashiCorp Nomad <1.4.2 - Info Disclosure

CVE-2022-2882 MEDIUM

GitLab CE/EE <15.2.5, <15.3.4, <15.4.1 - Info Disclosure

CVE-2022-39349 MEDIUM

Tasks.org < 12.7.1 - Unintended Proxy via ShareLinkActivity File Path Handling

CVE-2022-39309 MEDIUM

GoCD < 21.1.0 - Authenticated Sensitive Data Exposure via Symmetric Key Leak

CVE-2022-39015 MEDIUM

BOE AdminTools/BOE SDK - Info Disclosure

CVE-2022-26121 LOW

FortiAnalyzer FortiManager GUI <7.0.4 - Info Disclosure

CVE-2022-39871 MEDIUM

Samsung SmartThings < 1.7.89.0 - Improper Access Control in cloudNotificationManager.java

CVE-2022-39870 MEDIUM

Samsung SmartThings < 1.7.89.0 - Improper Access Control via PUSH_MESSAGE_RECEIVED Broadcast

CVE-2022-39869 MEDIUM

Samsung SmartThings < 1.7.89.0 - Improper Access Control via REMOVE_PERSISTENT_BANNER Broadcast

CVE-2022-23950 HIGH

Keylime <6.3.0 - Privilege Escalation

CVE-2022-40234 MEDIUM

IBM Spectrum Protect Plus < 10.1.12 - Private Key Exposure in TLS Certificate Upload

CVE-2022-34867 HIGH

WP Libre Form 2 2.0.0-2.0.8 - Unauthenticated Sensitive Information Disclosure

CVE-2022-2403 MEDIUM

OpenShift >=4.9 - Authenticated Credentials Leak via oauth-serving-cert ConfigMap

CVE-2022-1902 HIGH

Red Hat Advanced Cluster Security - Privilege Escalation

CVE-2022-0852 MEDIUM

convert2rhel < 0.26 - Unauthorized Password Exposure via Command Line

CVE-2022-29850 HIGH

Lexmark Multiple Models Firmware Persistence Across Reboots via Compromised Device

CVE-2022-2610 MEDIUM

Google Chrome <104.0.5112.79 - Info Disclosure

CVE-2022-35936 HIGH

Ethermint <0.17.2 - Info Disclosure

CVE-2022-1875 MEDIUM

Google Chrome <102.0.5005.61 - Info Disclosure

CVE-2022-1873 MEDIUM

Google Chrome <102.0.5005.61 - Info Disclosure

Previous Page 13 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy