Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2024-51755 LOW

Twig <3.11.2, <3.14.1 - Info Disclosure

CVE-2024-51754 LOW

Twig <3.11.2, <3.14.1 - Info Disclosure

CVE-2024-43881 HIGH

Linux Kernel 6.3-6.6.43, 6.7-6.10.2, 6.11 - Information Disclosure via WiFi Fragment Reassembly DMA Direction

CVE-2024-22281 HIGH

Apache Helix Front (UI) - Info Disclosure

CVE-2024-42350 LOW

biscuit-auth/biscuit - Exposure of Resource to Wrong Sphere via Third-Party Block Request

CVE-2024-35199 HIGH

TorchServe 0.3.0-0.11.0 - Unprotected gRPC Interface Exposure

CVE-2024-40725 MEDIUM

Apache HTTP Server <2.4.61 - Info Disclosure

CVE-2024-39499 HIGH

Linux Kernel - Information Leak via Unsanitized Event Index in VMCI Event Delivery

CVE-2024-39553 MEDIUM

Juniper Junos OS Evolved < 23.2R2-EVO - DoS and Unauthorized Access via Sampling Service

CVE-2024-38368 CRITICAL

trunk.cocoapods.org < 2023-09-22 - Unauthorized Pod Ownership Claim via Orphaned Pods

CVE-2024-22333 LOW

IBM Maximo Asset Management <7.6.1.3 - Info Disclosure

CVE-2024-5313 MEDIUM

EVlink Home Firmware - Exposure of SSH Interface to Unauthorized Network Access

CVE-2024-36033 HIGH

Linux Kernel 6.7-6.8.9 - Information Disclosure via Bluetooth QCA Board ID Fetch

CVE-2024-36032 HIGH

Linux Kernel 5.12-6.8.9 Bluetooth Info Disclosure via Malformed Firmware

CVE-2024-21813 HIGH

Intel(R) DTT - Privilege Escalation

CVE-2024-35183 MEDIUM

wolfictl < 0.16.10 - GitHub Token Exposure to Untrusted Remote Servers

CVE-2024-32473 MEDIUM

Moby 26.0.0-26.0.1 - Unintended IPv6 Network Exposure via ipvlan/macvlan Interfaces

CVE-2024-21605 MEDIUM

Juniper Junos OS Unauthenticated DoS via STP Blocked Port Traffic

CVE-2024-29905 HIGH

DIRAC < 8.0.41 - Unauthorized Proxy Access via Temporary File Exposure

CVE-2024-3019 HIGH

PCP pmproxy >=4.3.4 - Remote Command Execution via Exposed Redis Backend

CVE-2024-24562 MEDIUM

vantage6-ui < 4.2.0 - Missing Security Headers

CVE-2024-25153 CRITICAL

FileCatalyst Workflow Web Portal - Path Traversal

CVE-2024-21626 HIGH

runc (docker) File Descriptor Leak Privilege Escalation

CVE-2024-21597 MEDIUM

Juniper Junos OS MX Series Firewall Filter Bypass via Fabric Routing Misclassification

CVE-2024-0443 MEDIUM

Linux kernel - Privilege Escalation

Previous Page 4 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy