Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-669

CWE-669

Incorrect Resource Transfer Between Spheres

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.

96 vulnerabilities with CWE-669

CVE-2023-31115 HIGH

Samsung Exynos Modem - Info Disclosure

CVE-2023-31114 CRITICAL

Samsung Exynos Modem - Info Disclosure

CVE-2023-22950 MEDIUM

TigerGraph Enterprise Free Edition 3.x - Info Disclosure

CVE-2022-46173 HIGH

Elrond-GO <1.3.50 - Info Disclosure

CVE-2022-4446 CRITICAL

corebos < 8.0 - Remote File Inclusion

CVE-2022-39225 MEDIUM

Parse Server <4.10.15 or >5.0.0-<5.2.6 - Privilege Escalation

CVE-2022-31233 MEDIUM

Unisphere for PowerMax <9.2.3.15 - Privilege Escalation

CVE-2022-35916 MEDIUM

OpenZeppelin Contracts <4.7.2 - Info Disclosure

CVE-2022-30236 HIGH

Wiser Smart < V4.5 - Cross-Site Request Forgery

CVE-2022-20658 CRITICAL

Cisco Unified CCMP/CCDM - Privilege Escalation

CVE-2021-45891 HIGH

Softwarebuero Zauner ARC 4.2.0.4 - Privilege Escalation

CVE-2021-22806 HIGH

spaceLYnk <2.6.1, Wiser for KNX <2.6.1, fellerLYnk <2.6.1 - Info Di...

CVE-2021-25973 MEDIUM

Publify 9.0.0-9.2.4 - Improper Access Control via Guest Role Self-Registration

CVE-2021-24602 HIGH

HM Multiple Roles < 1.3 - Unauthenticated Privilege Escalation via Profile Page

CVE-2021-34574 MEDIUM

mbconnect24 and mymbconnect24 < 2.11.2 - Authenticated Password Policy Bypass via Request Interception

CVE-2021-30120 CRITICAL

Kaseya VSA < 9.5.6 - Two-Factor Authentication Bypass via Client-Side Enforcement

CVE-2021-29960 MEDIUM

Firefox < 89.0 - Unauthenticated Sensitive Data Exposure via Print Filename Cache

CVE-2021-22900 HIGH KEV

Pulse Connect Secure <9.1R11.4 - Code Injection

CVE-2021-21531 HIGH

Dell Unisphere for PowerMax <9.2.1.6 - Auth Bypass

CVE-2021-20411 HIGH

IBM Security Verify Information Queue <1.0.8 - Privilege Escalation

CVE-2020-27268 MEDIUM

SOOIL Developments Co., Ltd Diabecare RS - Auth Bypass

CVE-2020-25917 HIGH

Stratodesk NoTouch Center < 4.4.68 - Privilege Escalation via User Creation Endpoint

CVE-2020-24683 CRITICAL

S+ Operations <2.1 SP1 - Auth Bypass

CVE-2020-26177 MEDIUM

tangro Business Workflow <1.18.1 - Info Disclosure

CVE-2020-5800 CRITICAL

Eat Spray Love - Unauthenticated Incorrect Resource Transfer Between Spheres

Previous Page 3 of 4 Next

Details

Vulnerabilities 96

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy