CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

721 vulnerabilities with CWE-668
CVE-2018-7072 CRITICAL
HPE Moonshot Provisioning Manager < 1.24 - Remote Security Restriction Bypass
CVSS 9.8
CVE-2018-8861 HIGH
Philips Brilliance CT <2.6.2 - Privilege Escalation
CVSS 8.7
CVE-2018-10361 HIGH
KTextEditor <5.45.0 - Privilege Escalation
CVSS 7.8
CVE-2018-7479 MEDIUM
YzmCMS 3.6 - Path Disclosure via Direct Request to Install Template
CVSS 5.3
CVE-2018-6910 HIGH
DedeCMS 5.7 - Full Path Disclosure via Direct Request
CVSS 7.5
CVE-2018-6880 MEDIUM
EmpireCMS 6.6-7.2 - Path Disclosure via class/connect.php Parameter
CVSS 5.3
CVE-2017-12576 HIGH
PLANEX CS-QR20 1.30 - Authenticated Remote Code Execution via Debug Management Page
CVSS 7.2
CVE-2017-0367 HIGH
MediaWiki < 1.27.2 - Unsafe Temporary Directory Usage in LocalisationCache
CVSS 8.8
CVE-2017-18129 CRITICAL
Qualcomm MDM9206, MDM9607, MSM8996, MSM8998, SD 845 - Resource Exposure via IPA Channel
CVSS 9.8
CVE-2017-18073 HIGH
Qualcomm MDM9206/9607/9650, SD 210/212/205/820/820A/835 Firmware - Unauthorized Memory Access
CVSS 7.5
CVE-2017-15393 HIGH
Google Chrome < 62.0.3202.62 - Insufficient Policy Enforcement in DevTools Remote Debugging
CVSS 8.8
CVE-2017-16610 CRITICAL
Netgain Enterprise Manager < 7.2.766 - Unauthenticated Path Traversal and Arbitrary File Write via upload_save_do.jsp
CVSS 9.8
CVE-2017-16606 HIGH
NetGain Systems Enterprise Manager <7.2.730 - RCE
CVSS 8.8
CVE-2017-16605 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 build 1034 - RCE
CVSS 6.5
CVE-2017-16604 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 build 1034 - RCE
CVSS 6.5
CVE-2017-16603 HIGH
NetGain Systems Enterprise Manager <7.2.730 - RCE
CVSS 8.8
CVE-2017-16601 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 - RCE
CVSS 6.5
CVE-2017-16600 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 build 1034 - RCE
CVSS 6.5
CVE-2017-16599 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 build 1034 - RCE
CVSS 6.5
CVE-2017-16598 HIGH
NetGain Systems Enterprise Manager <7.2.730 build 1034 - RCE
CVSS 8.8
CVE-2017-16597 CRITICAL
NetGain Systems Enterprise Manager 7.2.730 build 1034 - RCE
CVSS 9.8
CVE-2017-16593 MEDIUM
NetGain Systems Enterprise Manager <7.2.730 build 1034 - RCE
CVSS 6.5
CVE-2017-17087 MEDIUM
Vim < 8.0.1263 - Unauthorized File Permission Exposure via .swp File Group Ownership
CVSS 5.5
CVE-2017-12363 MEDIUM
Cisco WebEx Meeting Server - Info Disclosure
CVSS 5.3
CVE-2017-12351 MEDIUM
Cisco NX-OS System Software - Privilege Escalation
CVSS 5.7
Details
Vulnerabilities 721
Links
MITRE CWE Entry Search this CWE With Exploits