Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-668

CWE-668

Exposure of Resource to Wrong Sphere

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

719 vulnerabilities with CWE-668

CVE-2023-29355 MEDIUM

Windows Server 2012, 2016, 2019, 2022 - Information Disclosure in DHCP Server Service

CVE-2023-34250 MEDIUM

Discourse < 3.0.4 - Unauthorized Sensitive Information Exposure via New Topics Dismissal Endpoint

CVE-2023-34114 HIGH

Zoom < 5.14.10 - Authenticated Information Disclosure via Network Access

CVE-2023-29403 HIGH

GO < 1.19.10 - Exposure to Wrong Actor

CVE-2023-33510 HIGH

Jeecg P3 Biz Chat <1.0.5 - Info Disclosure

CVE-2023-32550 CRITICAL

Landscape < 19.10.5 - Sensitive Information Exposure via Server-Status Page

CVE-2023-33518 MEDIUM

emoncms v11 and later - Information Disclosure via Crafted Web Request

CVE-2023-29538 MEDIUM

Firefox < 112.0 - Directory Path Exposure via WebExtension URI Handling

CVE-2023-25750 MEDIUM

Firefox < 111.0 - Path Traversal via ServiceWorker Offline Cache

CVE-2023-2062 MEDIUM

Mitsubishielectric Fx5-enet/ip Firmware - Exposure to Wrong Actor

CVE-2023-28344 HIGH

Faronics Insight 10.0.19045 - Unauthenticated Screenshot Spoofing and Information Disclosure

CVE-2023-2703 HIGH

Finex Media Competition Management System < 23.07 - Exposure of Private Personal Information

CVE-2023-33293 MEDIUM

KaiOS 3.0-3.1 - Unauthenticated Application Enumeration and Manifest Exposure via Local Web Server

CVE-2023-31103 HIGH

Apache InLong <1.6.0 - Privilege Escalation

CVE-2023-31206 HIGH

Apache InLong <1.7.0 - Privilege Escalation

CVE-2023-2025 MEDIUM

OpenBlue Enterprise Manager Data Collector < 3.2.5.75 - Unauthorized Sensitive Information Exposure

CVE-2023-23448 MEDIUM

SICK FTMg AIR FLOW SENSOR - Info Disclosure

CVE-2023-29820 MEDIUM

Webroot SecureAnywhere Endpoint Protection CE <23.1 v.9.0.33.39 - I...

CVE-2023-27564 HIGH

n8n < 0.216.1 - Information Disclosure

CVE-2023-2069 MEDIUM

GitLab 10.0-12.9.7, 12.10-12.10.6, 13.0 - Authenticated CI/CD Variable Exposure via Project Import

CVE-2023-0485 MEDIUM

GitLab 13.11-15.8.4, 15.9-15.9.3, 15.10 - Unauthorized Project Update Access via Fork Diff

CVE-2023-22307 MEDIUM

Tribe29 Checkmk Appliance <1.6.4 - Info Disclosure

CVE-2023-27976 HIGH

EcoStruxure Control Expert >=15.1 - Remote Code Execution via Malicious Web Endpoint Link

CVE-2023-29208 HIGH

XWiki < 13.10.11 - Unauthorized Deleted Document Access

CVE-2023-29203 LOW

XWiki 13.9-13.10.8 - Unauthorized Exposure of Private User Information via uorgsuggest.vm

Previous Page 9 of 29 Next

Details

Vulnerabilities 719

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy