Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2023-36043 MEDIUM

Microsoft Open Management Infrastructure - Information Disclosure

CVE-2023-5545 LOW

moodle < 3.9.24 and >= 4.0.0 < 4.3.0-rc2 - Exposure of Sensitive Information via H5P Metadata Author Field

CVE-2023-5542 LOW

moodle < 4.3.0-rc2 - Improper Access Control in Group Membership Visibility

CVE-2023-42551 MEDIUM

Samsung Account < 14.5.00.7 - Unauthenticated Arbitrary File Access via Implicit Intent

CVE-2023-42549 MEDIUM

Samsung Account < 14.5.00.7 - Unauthenticated Arbitrary File Access via Implicit Intent

CVE-2023-42547 MEDIUM

Samsung Account < 14.5.00.7 - Unauthenticated Arbitrary File Access via Implicit Intent

CVE-2023-42546 MEDIUM

Samsung Account < 14.5.00.7 - Unauthenticated Arbitrary File Access via Implicit Intent

CVE-2023-4910 MEDIUM

3scale_api_management - Exposure of Sensitive Information via Browser Cache

CVE-2023-4217 LOW

PT-G503 Series <5.2 - Info Disclosure

CVE-2023-3972 HIGH

insights-client < 3.2.2 - Local Privilege Escalation via Insecure Temporary Directory Permissions

CVE-2023-2622 LOW

Hitachi Energy Modular Advanced Control for HVDC 7.10.0.0-7.17.x - Arbitrary File Read via InspectSetup RPC

CVE-2023-38994 HIGH

univention_corporate_server 5.0-5 - Exposure of LDAP Credentials in Process List

CVE-2023-37911 MEDIUM

XWiki 9.4-14.10.7 - Unauthorized Deleted Document Content Exposure via Diff Feature

CVE-2023-45145 LOW

Redis 2.6.0-6.2.13 - Unauthenticated Unauthorized Connection via Unix Socket Permission Race Condition

CVE-2023-45911 CRITICAL

WIPOTEC GmbH ComScale <4.4.12.723 - Auth Bypass

CVE-2023-45357 MEDIUM

Archer Platform 6.x < 6.13.0.2.2 - Authenticated Sensitive Information Disclosure via Popup Warning Message

CVE-2023-44394 MEDIUM

MantisBT < 2.25.8 - Unauthorized Private Project Name Exposure via Wiki Page ID Enumeration

CVE-2023-35013 LOW

IBM Security Verify Governance 10.0 - Info Disclosure

CVE-2023-42792 MEDIUM

Apache Airflow < 2.7.2 - Authenticated DAG Resource Access Control Bypass

CVE-2023-32275 MEDIUM

SoftEther VPN 4.41-9782-beta and 5.01.9674 - Information Disclosure via CtEnumCa()

CVE-2023-44102 MEDIUM

Huawei EMUI and HarmonyOS - Bluetooth Module Denial of Service

CVE-2023-44101 HIGH

HarmonyOS - Unauthorized Broadcast Notification Access via Bluetooth Module

CVE-2023-36596 HIGH

Product <Version> - Info Disclosure

CVE-2023-36429 MEDIUM

Microsoft Dynamics 365 (On-Premises) - Info Disclosure

CVE-2023-30802 MEDIUM

Sangfor NGAF 8.0.17 - Info Disclosure

Previous Page 6 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy