Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2021-43560 MEDIUM

Moodle <3.11.3-3.9.10 - Info Disclosure

CVE-2021-36319 LOW

Dell Networking OS10 <10.5.1.x - Info Disclosure

CVE-2021-42254 HIGH

BeyondTrust Privilege Management for Windows < 21.6 - Temporary File Creation in Directory with Insecure Permissions

CVE-2021-26327 MEDIUM

AMD EPYC 7003 Firmware < milanpi-sp3_1.0.0.4 - Loss of Guest Confidentiality via Insufficient Guest Context Validation

CVE-2021-26312 MEDIUM

AMD EPYC 7001 Series Firmware - Improper TLB Flush in IOMMU

CVE-2021-22047 MEDIUM

Spring Data REST 3.4.0-3.4.13 and 3.5.0-3.5.5 - Exposure of Sensitive Information via Unauthorized URI Access

CVE-2021-22044 HIGH

Spring Cloud OpenFeign 2.2.0-2.2.9 and 3.0.0-3.0.4 - Unintended Endpoint Exposure via Type-Level RequestMapping

CVE-2021-22468 LOW

HarmonyOS - Kernel Address Leakage via Exposure of Sensitive Information

CVE-2021-22454 MEDIUM

HarmonyOS - External Control of System or Configuration Setting

CVE-2021-34761 MEDIUM

Cisco Firepower Threat Defense - Privilege Escalation

CVE-2021-42536 HIGH

Emerson Wireless 1410/1410D/1420 Gateway < 4.7.94 - Unauthenticated Credential Exposure

CVE-2021-41140 MEDIUM

Discourse-reactions <0.2 - Info Disclosure

CVE-2021-39184 MEDIUM

Electron < 11.5.0, 12.1.0, 13.3.0 - Unauthorized File Content Exposure via Thumbnail API

CVE-2021-40497 MEDIUM

SAP BusinessObjects Analysis <430 - Info Disclosure

CVE-2021-40496 MEDIUM

SAP NetWeaver ABAP - Authenticated Data Exposure via ICM Authentication Function

CVE-2021-41094 MEDIUM

Wire 3.68-3.69 - Unauthenticated Encryption at Rest Bypass via Passcode Disabling

CVE-2021-22869 CRITICAL

GitHub Enterprise Server - Privilege Escalation

CVE-2021-41088 HIGH

Elvish < 0.14.0 - Origin Validation Error in Web UI Backend

CVE-2021-22009 HIGH

VMware Cloud Foundation 3.0-4.0 and vCenter Server - Denial of Service via VAPI Service Memory Exhaustion

CVE-2021-34723 MEDIUM

Cisco IOS XE SD-WAN - Authenticated Arbitrary File Write via CLI Command

CVE-2021-40639 HIGH

Jfinal CMS 5.1.0 - Incorrect Authorization via /classes/conf/db.properties

CVE-2021-23034 HIGH

BIG-IP <16.1.0, 15.1.x <15.1.3.1 - DoS

CVE-2021-39212 MEDIUM

ImageMagick 6.9.12-0-6.9.12-22 - Race Condition in Policy Enforcement

CVE-2021-28568 MEDIUM

Adobe Genuine Service < 7.1 - Authenticated Privilege Escalation via Insecure File Permissions

CVE-2021-36002 MEDIUM

Adobe Captivate <11.5.5 - Privilege Escalation

Previous Page 19 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy