Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

721 vulnerabilities with CWE-668

CVE-2017-12342 MEDIUM

Cisco Nexus Series Switches - Info Disclosure

CVE-2017-8185 HIGH

Huawei ME906s-158 < ME906S_Installer_13.1805.10.3 - Privilege Escalation via Malicious Configuration File Execution

CVE-2017-8171 MEDIUM

Huawei P10 Plus Firmware < Vicky-AL00AC00B172D - Factory Reset Protection Bypass via Talkback Mode

CVE-2017-8161 MEDIUM

Huawei EVA-L09 - Factory Reset Protection Bypass via Swype Login

CVE-2017-16660 HIGH

Cacti 1.1.27 - Authenticated Remote Code Execution via Log Path Misconfiguration

CVE-2017-15592 HIGH

Xen < 4.9.0 - Denial of Service or Privilege Escalation via Self-Linear Shadow Mapping Mishandling

CVE-2017-12249 CRITICAL

Cisco Meeting Server - Privilege Escalation

CVE-2017-6872 MEDIUM

Siemens OZW672/OZW772 - Info Disclosure

CVE-2017-11382 HIGH

Trend Micro Deep Discovery Email Inspector 2.5.1 - Denial of Service via Arbitrary File Deletion

CVE-2017-0215 MEDIUM

Microsoft Windows 10 1607/Server 2016 Device Guard Security Feature Bypass via PowerShell

CVE-2017-7490 MEDIUM

Moodle 2.x and 3.x - Unauthenticated Arbitrary Blog Search via Missing Capability Check

CVE-2017-8418 LOW

RuboCop < 0.48.1 - Unsafe Temporary File Handling

CVE-2017-5648 CRITICAL

Apache Tomcat < 9.0.0.M18 - Exposure to Wrong Actor

CVE-2017-6100 HIGH

TCPDF < 6.1.1 - Exposure of Resource to Wrong Sphere via FTP Upload

CVE-2017-5634 MEDIUM

Norwegian Air Kiosk - Unauthenticated Privilege Escalation via Print Dialog Manipulation

CVE-2016-11010 MEDIUM

WP-Invoice < 4.1.1 - Unauthenticated Exposure of Resource to Wrong Sphere via wpi_twocheckout Payer Metadata

CVE-2016-11009 MEDIUM

WP-Invoice < 4.1.1 - Unauthenticated Payer Metadata Update

CVE-2016-11008 MEDIUM

WP-Invoice < 4.1.1 - Unauthenticated Payer Metadata Update

CVE-2016-11007 MEDIUM

WP-Invoice < 4.1.1 - Unauthenticated Invoice Data Exposure via wpi_user_id Parameter

CVE-2016-11006 MEDIUM

WP-Invoice < 4.1.1 - Unauthenticated Settings Change via admin_init

CVE-2016-10840 HIGH

cPanel 11.48.0.5-11.48.5.2 - Remote Code Execution via Locale Duplication

CVE-2016-5334 MEDIUM

VMware Identity Manager 2.0-2.7.0 and vRealize Automation 7.0-7.1.9 - Unauthenticated Sensitive File Exposure

CVE-2016-5787 MEDIUM

General Electric GE Digital Proficy HMI/SCADA - CIMPLICITY <8.2 SIM...

CVE-2015-10004 HIGH

Token Validation - Timing Side-Channel

CVE-2015-9550 HIGH

TOTOLINK A850R-V1 and F1-V2 - Unauthenticated Exposure of Web Management Interface via WAN Packet

Previous Page 28 of 29 Next

Details

Vulnerabilities 721

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy