Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

721 vulnerabilities with CWE-668

CVE-2019-10805 HIGH

valib.js < 2.0.0 - Internal Property Tampering via hasOwnProperty Override

CVE-2019-10790 HIGH

taffydb <= 2.7.3 - Unauthenticated Data Access via Index Forgery

CVE-2019-4633 MEDIUM

IBM Security Secret Server <10.7 - Info Disclosure

CVE-2019-10781 CRITICAL

schema-inspector < 1.6.9 - Validation Bypass via Malicious JavaScript Object

CVE-2019-3682 HIGH

SUSE CaaS Platform 3.0 - Exposure of Resource to Wrong Sphere via Insecure Docker API

CVE-2019-20149 HIGH

kind-of 6.0.0-6.0.2 - Exposure of Resource to Wrong Sphere via ctorName Overwrite

CVE-2019-8779 CRITICAL

iPadOS < 13.1.1 - Unauthenticated Exposure of Resource to Wrong Sphere

CVE-2019-13927 MEDIUM

Siemens Desigo PX Automation Controllers - Denial of Service via Crafted HTTP Message

CVE-2019-15689 MEDIUM

Kaspersky Secure Connection/Internet Security/Total Security/Security Cloud - Unauthenticated Arbitrary Code Execution

CVE-2019-19015 CRITICAL

TitanHQ WebTitan <5.18 - Code Injection

CVE-2019-16387 HIGH

PEGA Platform 8.3.0 - Privilege Escalation

CVE-2019-16241 MEDIUM

TCL Alcatel Cingular Flip 2 B9HUAH1 - Auth Bypass

CVE-2019-16541 CRITICAL

Jenkins JIRA Plugin <3.0.10 - Privilege Escalation

CVE-2019-15350 HIGH

TECNO H622 Camon - Unauthenticated Privilege Escalation via com.lovelyfont.defcontainer FunctionService

CVE-2019-15349 HIGH

TECNO H612 Camon - Unauthenticated Privilege Escalation via com.lovelyfont.defcontainer FunctionService

CVE-2019-15346 HIGH

Tecno Camon iClick 2 Firmware - Unauthenticated Privilege Escalation via com.lovelyfont.defcontainer FunctionService

CVE-2019-15345 HIGH

Tecno Camon iClick Firmware - Unauthenticated Arbitrary Code Execution via com.lovelyfont.defcontainer FunctionService

CVE-2019-15341 HIGH

Tecno Camon iAir 2 Plus Firmware - Unauthenticated Privilege Escalation via com.lovelyfont.defcontainer FunctionService

CVE-2019-18954 MEDIUM

Pomelo < 2.2.7 - Critical State Data Manipulation via User Input

CVE-2019-4306 MEDIUM

IBM Security Guardium Big Data Intelligence - Info Disclosure

CVE-2019-13546 MEDIUM

IntelliSpace Perinatal K- - Privilege Escalation

CVE-2019-12660 MEDIUM

Cisco IOS XE >= 16.1.1 - Authenticated Memory Write via CLI Command Injection

CVE-2019-16518 MEDIUM

Vandy Vape Swell Kit Mod Firmware - Unintended Temperature Control via Bluetooth Low Energy Packets

CVE-2019-15138 HIGH

html-pdf < 3.0.1 - Arbitrary File Read via XMLHttpRequest

CVE-2019-10365 MEDIUM

Jenkins Google Kubernetes Engine Plugin <= 0.6.2 - Unauthorized Access Token Exposure via Temporary File

Previous Page 25 of 29 Next

Details

Vulnerabilities 721

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy