Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

721 vulnerabilities with CWE-668

CVE-2019-11728 MEDIUM

Firefox < 68.0 - TCP Port Scanning via Alt-Svc Header

CVE-2019-3970 MEDIUM

Comodo Antivirus <= 12.0.0.6810 - Arbitrary File Write via Cavwp.exe Database Handling

CVE-2019-13379 HIGH

AVTECH Room Alert 3E Firmware < 2.2.5 - Unauthenticated Privilege Escalation via Default Credential Reset

CVE-2019-9186 CRITICAL

JetBrains IntelliJ IDEA 2018.1-2018.1.7 - Remote Code Execution via JMX Server

CVE-2019-3569 HIGH

HHVM < 3.30.5 and 4.0-4.8 - Unintended FastCGI Interface Binding

CVE-2019-12929 CRITICAL

QEMU < 4.0.0 - OS Command Injection via QMP guest_exec Command

CVE-2019-12928 CRITICAL

QEMU < 4.0.0 - OS Command Injection via QMP Migrate Command

CVE-2019-1848 CRITICAL

Cisco DNA Center < 1.3 - Unauthenticated Critical Internal Services Access

CVE-2019-12904 MEDIUM

Libgcrypt 1.8.4 - Information Exposure via Flush-and-Reload Side-Channel Attack

CVE-2019-12875 MEDIUM

Alpine Linux abuild < 3.4.0 - Unauthenticated Untrusted Package Addition via Keys Directory Option

CVE-2019-12274 HIGH

Rancher 1-2.2.3 - Privilege Escalation

CVE-2019-8934 LOW

QEMU <= 3.1.0 - Information Exposure via Shared /proc/device-tree Attributes

CVE-2019-8308 HIGH

flatpak < 1.0.7 and 1.1.x-1.2.x < 1.2.3 - Arbitrary File Modification via /proc Exposure

CVE-2018-25068 MEDIUM

devent globalpom-utils <4.5.0 - Insecure Temp File

CVE-2018-16494 HIGH

Versa Operating System < 16.1r2s11 - Insecure File Permissions via Umask Setting

CVE-2018-20947 MEDIUM

cPanel 61.9999.55-62.0.39 - Unauthenticated Arbitrary File Write via telnetcrt Script

CVE-2018-4048 HIGH

GOG Galaxy 1.2.48.36 - Local Privilege Escalation via Temp Directory File Overwrite

CVE-2018-7846 CRITICAL

Modicon M580, M340, Quantum and Premium Firmware - Unauthorized Access via Modbus Brute Force Attack

CVE-2018-20321 HIGH

Rancher <2.1.5 - Privilege Escalation

CVE-2018-18068 CRITICAL

Raspberry Pi 3 Model B+ Firmware - Unauthenticated Privilege Escalation via ARM Debugging Feature

CVE-2018-20237 MEDIUM

Atlassian Confluence <6.13.1 - Info Disclosure

CVE-2018-1840 MEDIUM

IBM WebSphere Application Server 8.5.0.0-8.5.5.13 - Privilege Escalation via Federated Repository Migration

CVE-2018-15591 HIGH

Ivanti Workspace Control < 10.3.10.0 - Application Whitelist Bypass via PowerGrid SEE

CVE-2018-8040 MEDIUM

Apache Traffic Server <6.2.2, <7.1.3 - Info Disclosure

CVE-2018-7073 MEDIUM

HPE Moonshot Provisioning Manager < 1.24 - Local Arbitrary File Modification

Previous Page 26 of 29 Next

Details

Vulnerabilities 721

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy