Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2021-30921 MEDIUM

iOS <14.5, iPadOS <14.5 - Info Disclosure

CVE-2021-28633 MEDIUM

Adobe Creative Cloud Desktop Application < 2.4 - Arbitrary File Overwrite via Insecure Temporary File Creation

CVE-2021-29280 MEDIUM

TP-Link TL-WR840N Firmware - Buffer Overflow via ARP Poisoning

CVE-2021-38712 HIGH

OneNav 0.9.12 - Information Disclosure via Database File Exposure

CVE-2021-37704 MEDIUM

phpfastcache < 6.1.5 - Exposure of Sensitive Information via Unprotected Vendor Directory

CVE-2021-22385 HIGH

Huawei EMUI and Magic UI - Local Kernel Code Execution

CVE-2021-22420 HIGH

HarmonyOS - External Control of System or Configuration Setting

CVE-2021-32788 MEDIUM

Discourse < 2.7.7 - Unauthorized Post Creator Exposure via Whisper Post Handling

CVE-2021-32760 MEDIUM

containerd <1.4.8-1.5.4 - Privilege Escalation

CVE-2021-0588 MEDIUM

Android 8.1-9 - Unauthenticated SMS Disclosure via MceStateMachine

CVE-2021-25432 LOW

Samsung Members <2.4.85.11-3.9.10.11 - Info Disclosure

CVE-2021-20461 MEDIUM

IBM Cognos Analytics <11.1 - Privilege Escalation

CVE-2021-28623 MEDIUM

Adobe Premiere Elements < 5.3 - Unauthenticated Privilege Escalation via Insecure Temporary File Creation

CVE-2021-28597 MEDIUM

Adobe Photoshop Elements < 5.3 - Unauthenticated Insecure Temporary File Creation

CVE-2021-24001 MEDIUM

Firefox < 88.0 - Unauthorized Session History Manipulation via Compromised Content Process

CVE-2021-25652 MEDIUM

Avaya Aura Appliance Virtualization Platform 8.0.0.0-8.1.3.1 - Unauthorized Information Disclosure

CVE-2021-0542 MEDIUM

Android 11 - Unauthenticated Local Information Disclosure via BeamTransferManager

CVE-2021-21382 HIGH

restund < 0.4.15 - Unauthenticated Administrative Command Execution via TURN Relay

CVE-2021-22897 MEDIUM

curl 7.61.0-7.76.1 - Data Element Exposure via CURLOPT_SSL_CIPHER_LIST

CVE-2021-34539 HIGH

CubeCoders AMP < 2.1.1.8 - Authenticated Remote Code Execution via Java Version Setting

CVE-2021-33669 HIGH

SAP Mobile SDK Certificate Provider < 3.0.8 - Insecure Temporary File Storage

CVE-2021-22550 MEDIUM

Google Asylo <0.6.3 - Memory Corruption

CVE-2021-22549 MEDIUM

Google Asylo < 0.6.2 - Arbitrary Trusted Memory Overwrite via Out-of-range Pointer Offset

CVE-2021-22118 HIGH

Spring Framework 5.2.0-5.2.14 - Authenticated Privilege Escalation via WebFlux Temporary Storage Directory

CVE-2021-31154 HIGH

pleaseedit <0.4 - Privilege Escalation

Previous Page 20 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy