Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2022-25041 MEDIUM

OpenEMR 6.0.0 - Incorrect Access Control

CVE-2022-21718 LOW

Electron < 13.6.6 - Unauthenticated Bluetooth Device Access via Web Bluetooth API

CVE-2022-25481 HIGH

ThinkPHP Framework 5.0.24 - Unauthenticated Information Exposure via PATHINFO Misconfiguration

CVE-2022-24074 CRITICAL

Whale < 3.12.129.18 - Exposure of Resource to Wrong Sphere via Whale Bridge SendMessage

CVE-2022-24742 MEDIUM

Sylius <1.9.10, <1.10.11, <1.11.2 - Info Disclosure

CVE-2022-0815 MEDIUM

McAfee WebAdvisor < 8.1.0.1895 - Improper Access Control

CVE-2022-26355 MEDIUM

Citrix Federated Authentication Service 7.17-10.6 - Unprotected Private Key Exposure via PowerShell TPM Configuration

CVE-2022-24747 MEDIUM

Shopware <6.4.8.2 - Info Disclosure

CVE-2022-24986 HIGH

KDE KCron < 21.12.2 - Unauthorized Command Execution via Temporary File Reuse

CVE-2022-23835 HIGH

Visual Voice Mail <2022-02-24 - Info Disclosure

CVE-2022-25643 CRITICAL

seatd 0.6.0-0.6.3 - Privilege Escalation via User-Supplied Socket Pathname

CVE-2022-25236 CRITICAL

libexpat < 2.4.5 - Namespace URI Injection via Namespace-Separator Character

CVE-2022-24975 HIGH

Git < 2.35.1 - Unintended Data Exposure via Mirror Clone Documentation Gap

CVE-2022-0334 MEDIUM

Moodle <3.11.4-3.10.8-3.9.11 - Info Disclosure

CVE-2022-22154 MEDIUM

Juniper Junos 16.1R1-18.4R3, 19.1-19.1R3, 19.2-19.2R3 - Denial of Service via Satellite Device Cabling Manipulation

CVE-2022-23118 HIGH

Jenkins Debian Package Builder Plugin < 1.6.11 - OS Command Execution via Agent-Controlled Git Path

CVE-2022-21964 MEDIUM

Remote Desktop Licensing Diagnoser - Info Disclosure

CVE-2021-47401 MEDIUM

Linux Kernel 3.5-4.4.286 - Unprotected Kernel Memory Exposure via TTY Driver Name

CVE-2021-46937 MEDIUM

Linux Kernel 5.15-5.15.12 - Memory Leak in DAMON Debugfs Target IDs Write

CVE-2021-46935 MEDIUM

Linux Kernel 4.14.0-4.14.261 - Exposure of Resource to Wrong Sphere via Binder Async Free Space Accounting

CVE-2021-46923 MEDIUM

Linux Kernel 5.12-5.15.12 - Resource Exposure via mount_setattr Reference Leak

CVE-2021-46921 MEDIUM

Linux Kernel 4.15-4.19.188 - Exposure of Resource to Wrong Sphere via Queued Write Lock Slowpath

CVE-2021-46917 MEDIUM

Linux Kernel 5.8-5.12 DMA Engine WQCFG Register Handling Resource Exposure

CVE-2021-46906 MEDIUM

Linux Kernel < 4.4.274 - Information Disclosure in HID usbhid hid_submit_ctrl

CVE-2021-30153 MEDIUM

MediaWiki <1.35.2 - Info Disclosure

Previous Page 16 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy