Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-22333 | Exposure of Resource to Wrong Sphere vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.3 and IBM Maximo Application Suite 8.10 and 8.11 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2024-02-27 | CVE-2021-46921 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queued_write_lock_slowpath() While this code is executed with the wait_lock held, a reader can acquire the lock without holding wait_lock. | 5.5 |
| 2024-02-27 | CVE-2021-46923 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leaking any references we took when we built it. | 5.5 |
| 2024-02-27 | CVE-2021-46935 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: binder: fix async_free_space accounting for empty parcels In 4.13, commit 74310e06be4d ("android: binder: Move buffer out of area shared with user space") fixed a kernel structure visibility issue. | 5.5 |
| 2024-02-27 | CVE-2021-46937 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'target_ids' file write callback ('dbgfs_target_ids_write()'), but decreases the counts only in DAMON monitoring termination callback ('dbgfs_before_terminate()'). Therefore, when 'target_ids' file is repeatedly written without DAMON monitoring start/termination, the reference count is not decreased and therefore memory for the 'struct pid' cannot be freed. | 5.5 |
| 2024-02-27 | CVE-2021-46917 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq cleanup of WQCFG registers A pre-release silicon erratum workaround where wq reset does not clear WQCFG registers was leaked into upstream code. | 5.5 |
| 2024-02-26 | CVE-2021-46906 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl In hid_submit_ctrl(), the way of calculating the report length doesn't take into account that report->size can be zero. | 5.5 |
| 2024-02-05 | CVE-2023-7014 | Exposure of Resource to Wrong Sphere vulnerability in Amitzy Molongui Authorship The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.7.4 via the 'ma_debu' parameter. | 7.5 |
| 2024-02-02 | CVE-2023-50328 | Exposure of Resource to Wrong Sphere vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. | 5.3 |
| 2024-01-31 | CVE-2024-21626 | Exposure of Resource to Wrong Sphere vulnerability in multiple products runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. | 8.6 |