Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2021-20999 CRITICAL

Weidmüller u-controls/IoT-Gateways <1.12.1 - DoS

CVE-2021-26309 LOW

TeamCity < 2020.2.2.85899 - Information Disclosure via Insecure Temporary File Permissions

CVE-2021-21430 MEDIUM

OpenAPI Generator < 5.1.1 - Insecure Temporary File Creation via File.createTempFile

CVE-2021-21428 CRITICAL

openapi-generator < 5.1.0 - Insecure Temporary File Permissions

CVE-2021-1438 MEDIUM

Cisco Wide Area Application Services < 6.4.5a - Authenticated Arbitrary File Read via CLI Command Injection

CVE-2021-31410 HIGH

Vaadin Designer <4.6.3 - Info Disclosure

CVE-2021-31407 HIGH

com.vaadin:flow-server <2.4.7, Vaadin <14.4.9 - RCE

CVE-2021-28168 MEDIUM

Eclipse Jersey 2.28-2.33 & 3.0.0-3.0.1 - Info Disclosure

CVE-2021-22539 HIGH

VScode-bazel <0.4.1 - Code Injection

CVE-2021-25314 HIGH

SUSE Linux Enterprise High Availability <15-SP2 - Privilege Escalation

CVE-2021-25364 MEDIUM

Secure Folder <SMR APR-2021 Release 1 - Info Disclosure

CVE-2021-25357 MEDIUM

Create Movie <SMR APR-2021 Release 1 - Info Disclosure

CVE-2021-25352 MEDIUM

Bixby Voice <3.0.52.14 - Privilege Escalation

CVE-2021-1423 MEDIUM

Cisco Aironet Access Point Software - Authenticated Arbitrary File Write via CLI Command

CVE-2021-21334 MEDIUM

containerd <1.3.10 and 1.4.0-<1.4.4 - Unintended Environment Variable Exposure via CRI Implementation

CVE-2021-23958 MEDIUM

Firefox < 85.0 - Unintended Information Leak via Screen Sharing State Transfer

CVE-2021-27236 CRITICAL

Mutare Voice 3.0.0-3.3.7 - Unauthenticated Local File Inclusion and Remote Code Execution via getfile.asp

CVE-2021-21290 MEDIUM

Netty <4.1.59.Final - Info Disclosure

CVE-2020-22647 CRITICAL

DepositGame 1.0 - Info Disclosure

CVE-2020-27601 LOW

BigBlueButton <2.2.7 - Info Disclosure

CVE-2020-25459 HIGH

WeBank FATE 0.1-1.4.2 - Sensitive Information Exposure via sync_tree Function

CVE-2020-36532 MEDIUM

Klapp App - Unauthenticated Exposure of Sensitive Information via Authorization Component

CVE-2020-4989 MEDIUM

IBM Rational Team Concert - Exposure to Wrong Actor

CVE-2020-13670 HIGH

Drupal Core 8.8.0-8.8.9, 8.9.0-8.9.5, 9.0.0-9.0.5 - Unauthenticated Information Disclosure in File Module

CVE-2020-20948 HIGH

jeecg v3.8 - Arbitrary File Download via LocalPath Variable

Previous Page 21 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy