Vulnerabilities > Exposure of Resource to Wrong Sphere

DATE CVE VULNERABILITY TITLE RISK
2022-11-11 CVE-2022-3952 Exposure of Resource to Wrong Sphere vulnerability in Manydesigns Portofino 5.3.2
A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic.
local
low complexity
manydesigns CWE-668
7.1
2022-11-10 CVE-2022-3866 Exposure of Resource to Wrong Sphere vulnerability in Hashicorp Nomad 1.4.0/1.4.1
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace.
network
low complexity
hashicorp CWE-668
4.3
2022-11-09 CVE-2022-39886 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.
local
low complexity
google CWE-668
3.3
2022-11-09 CVE-2022-44549 Exposure of Resource to Wrong Sphere vulnerability in Huawei Emui and Harmonyos
The LBS module has a vulnerability in geofencing API access.
network
low complexity
huawei CWE-668
7.5
2022-11-03 CVE-2022-22442 Exposure of Resource to Wrong Sphere vulnerability in IBM products
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls.
network
low complexity
ibm CWE-668
6.5
2022-11-03 CVE-2022-42442 Exposure of Resource to Wrong Sphere vulnerability in IBM Robotic Process Automation for Cloud PAK
"IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform.
local
low complexity
ibm CWE-668
3.3
2022-11-02 CVE-2021-45446 Exposure of Resource to Wrong Sphere vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.9
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder.
network
low complexity
hitachi CWE-668
7.5
2022-10-28 CVE-2022-2882 Exposure of Resource to Wrong Sphere vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1.
network
low complexity
gitlab CWE-668
4.3
2022-10-28 CVE-2022-3018 Exposure of Resource to Wrong Sphere vulnerability in Gitlab
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs.
network
low complexity
gitlab CWE-668
4.9
2022-10-25 CVE-2022-27912 Exposure of Resource to Wrong Sphere vulnerability in Joomla Joomla! 4.0.0
An issue was discovered in Joomla! 4.0.0 through 4.2.3.
network
low complexity
joomla CWE-668
5.3