Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2021-41989 HIGH

Qlik QlikView < 12.60.20100.0 - Temporary File Creation in Directory with Insecure Permissions

CVE-2021-41988 HIGH

Qlik NPrinting Designer < 21.14.3.0 - Temporary File Creation in Directory with Insecure Permissions

CVE-2021-26343 MEDIUM

AMD EPYC 7003 Firmware < milanpi_1.0.0.3 - Information Disclosure via ASP BIOS and DRTM Commands

CVE-2021-3859 HIGH

Undertow - Denial of Service

CVE-2021-0734 MEDIUM

Android 13 - Unauthenticated Local Information Disclosure via Installed App Detection Side Channel

CVE-2021-46687 MEDIUM

JFrog Artifactory <7.31.10,6.23.38 - Info Disclosure

CVE-2021-20551 LOW

IBM Jazz Team Server - Info Disclosure

CVE-2021-36710 HIGH

ToaruOS 1.99.2 - Privilege Escalation via MMU and GDT Manipulation

CVE-2021-43066 HIGH

FortiClientWindows < 6.4.7 - Privilege Escalation via MSI Installer

CVE-2021-42255 HIGH

AppGuard Enterprise < 6.7.100.1 - Privilege Escalation via Insecure Temporary File Permissions

CVE-2021-39777 MEDIUM

Android 12L - Unauthenticated Local Information Disclosure via Telephony App Installation Check

CVE-2021-22572 MEDIUM

File.createTempFile - Info Disclosure

CVE-2021-4180 MEDIUM

openstack-tripleo-heat-templates < 11.6.1 - Sensitive Information Exposure via www_authenticate_uri

CVE-2021-27424 MEDIUM

GE Multilin UR Firmware < 8.10 - Unauthorized Information Exposure via MODBUS Register

CVE-2021-28488 MEDIUM

Ericsson Network Manager < 21.2 - Incorrect Access Control in AMOS Authorization Group

CVE-2021-42714 HIGH

Splashtop < 3.5.0.0 - Exposure of Resource to Wrong Sphere via Temporary File in Directory with Insecure Permissions

CVE-2021-42713 HIGH

Splashtop < 3.4.8.4 - Exposure of Resource to Wrong Sphere via Temporary File Creation

CVE-2021-42712 HIGH

Splashtop Streamer < 3.5.0.0 - Temporary File Creation in Directory with Insecure Permissions

CVE-2021-45420 CRITICAL

Emerson Dixell XWEB-500 Firmware - Unauthenticated Arbitrary File Write via logo_extra_upload.cgi

CVE-2021-45402 MEDIUM

Linux Kernel < 5.16 - Information Disclosure via BPF Verifier Bounds Check

CVE-2021-33096 MEDIUM

Intel 82599EN/ES/EB Firmware < 5.13.4 - Authenticated Denial of Service via Network on Chip Resource Isolation

CVE-2021-46354 HIGH

Thinfinity VirtualUI <3.0 - Info Disclosure

CVE-2021-42641 HIGH

PrinterLogic Web Stack <= 19.1.1.13 SP9 - Unauthenticated Insecure Direct Object Reference

CVE-2021-42640 CRITICAL

PrinterLogic Web Stack <= 19.1.1.13 SP9 - Unauthenticated Insecure Direct Object Reference

CVE-2021-24868 MEDIUM

Document Embedder <1.7.9 - Info Disclosure

Previous Page 17 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy