Vulnerabilities > Exposure of Resource to Wrong Sphere

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2021-44837 Exposure of Resource to Wrong Sphere vulnerability in Deltarm Delta RM 1.2
An issue was discovered in Delta RM 1.2.
network
low complexity
deltarm CWE-668
4.0
2022-01-18 CVE-2021-44838 Exposure of Resource to Wrong Sphere vulnerability in Deltarm Delta RM 1.2
An issue was discovered in Delta RM 1.2.
network
low complexity
deltarm CWE-668
5.0
2022-01-18 CVE-2021-39892 Exposure of Resource to Wrong Sphere vulnerability in Gitlab
In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.
network
low complexity
gitlab CWE-668
4.0
2022-01-14 CVE-2021-1037 Exposure of Resource to Wrong Sphere vulnerability in Google Android
The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any permission checks, so any app can register to listen for it.
network
low complexity
google CWE-668
5.0
2022-01-14 CVE-2021-39628 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code.
local
low complexity
google CWE-668
2.1
2022-01-14 CVE-2021-39633 Exposure of Resource to Wrong Sphere vulnerability in Google Android
In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access.
local
low complexity
google CWE-668
2.1
2022-01-14 CVE-2021-42067 Exposure of Resource to Wrong Sphere vulnerability in SAP products
In SAP NetWeaver AS for ABAP and ABAP Platform - versions 701, 702, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 786, an attacker authenticated as a regular user can use the S/4 Hana dashboard to reveal systems and services which they would not normally be allowed to see.
network
low complexity
sap CWE-668
4.0
2022-01-13 CVE-2021-30314 Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products
Lack of validation for third party application accessing the service can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-668
2.1
2022-01-12 CVE-2022-20620 Exposure of Resource to Wrong Sphere vulnerability in Jenkins SSH Agent
Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.
network
low complexity
jenkins CWE-668
4.0
2022-01-11 CVE-2022-21880 Exposure of Resource to Wrong Sphere vulnerability in Microsoft products
Windows GDI+ Information Disclosure Vulnerability.
network
low complexity
microsoft CWE-668
7.8