Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-669

CWE-669

Incorrect Resource Transfer Between Spheres

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.

96 vulnerabilities with CWE-669

CVE-2025-67895 CRITICAL

Apache Airflow Providers Edge3 < 2.0.0 - Remote Code Execution via Edge3 Worker RPC

CVE-2025-62775 HIGH

Mercku M6a <2.1.0 - Privilege Escalation

CVE-2025-62646 MEDIUM

Restaurant Brands International RBI - Info Disclosure

CVE-2025-62292 MEDIUM

SonarQube < 25.6, < 2025.3, < 2025.1.3 LTA - Authenticated Information Disclosure

CVE-2025-56675 LOW

EKEN video doorbell T6 - Info Disclosure

CVE-2025-59692 LOW

PureVPN client < September 2025 - Info Disclosure

CVE-2025-59691 LOW

PureVPN Linux Client - Info Disclosure

CVE-2025-59453 LOW

Click Studios Passwordstate <9.9.9972 - Auth Bypass

CVE-2025-59378 MEDIUM

GNU Guix <1618ca7 - Privilege Escalation

CVE-2025-59363 HIGH

One Identity OneLogin <2025.3.0 - Info Disclosure

CVE-2025-34158 HIGH

Plex Media Server <1.42.1 - Info Disclosure

CVE-2025-54956 LOW

r-lib/gh < 1.5.0 - Authorization Header Exposure via HTTP Response

CVE-2025-54352 LOW

WordPress 3.5-6.8.2 - Unauthenticated Private Post Title Exposure via Pingback XML-RPC Requests

CVE-2025-54310 MEDIUM

qBittorrent <5.1.2 - Info Disclosure

CVE-2025-41645 HIGH

Portal Demo Account - Info Disclosure

CVE-2025-46553 MEDIUM

@misskey-dev/summaly <5.2.1 - Info Disclosure

CVE-2025-26698 LOW

RevoWorks SCVX/RevoWorks Browser - Info Disclosure

CVE-2024-31573 MEDIUM

XMLUnit for Java <2.10.0 - Code Injection

CVE-2024-42158 MEDIUM

Linux Kernel 4.11-6.9.9 - Information Exposure via Improper Memory Clearing

CVE-2024-38519 HIGH

yt-dlp/youtube-dl < - Path Traversal

CVE-2024-37891 MEDIUM

urllib3 < 1.26.19 - Proxy-Authorization Header Leak on Cross-Origin Redirects

CVE-2024-29018 MEDIUM

Moby < 23.0.11 and >=26.0.0-rc1 <26.0.0-rc3 - DNS Request Forwarding to External Nameservers via Internal Network Bypass

CVE-2023-41894 MEDIUM

Home Assistant < 2023.9.0 - Unauthenticated Webhook Access via SniTun Proxy

CVE-2023-44104 HIGH

HarmonyOS - Unauthorized Broadcast Permission Access in Bluetooth Module

CVE-2023-44100 HIGH

HarmonyOS - Broadcast Permission Control Bypass in Bluetooth Module

Previous Page 2 of 4 Next

Details

Vulnerabilities 96

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy