Vulnerabilities > Exposure of Resource to Wrong Sphere

DATE CVE VULNERABILITY TITLE RISK
2023-06-23 CVE-2023-32394 Exposure of Resource to Wrong Sphere vulnerability in Apple products
The issue was addressed with improved checks.
low complexity
apple CWE-668
2.4
2023-06-23 CVE-2023-34467 Exposure of Resource to Wrong Sphere vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-668
7.5
2023-06-23 CVE-2023-35151 Exposure of Resource to Wrong Sphere vulnerability in Xwiki
XWiki Platform is a generic wiki platform.
network
low complexity
xwiki CWE-668
7.5
2023-06-14 CVE-2023-2820 Exposure of Resource to Wrong Sphere vulnerability in Proofpoint Threat Response Auto Pull
An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic.
high complexity
proofpoint CWE-668
6.8
2023-06-13 CVE-2023-34250 Exposure of Resource to Wrong Sphere vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-668
5.3
2023-06-13 CVE-2022-43684 Exposure of Resource to Wrong Sphere vulnerability in Servicenow
ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality. Additional Details This issue is present in the following supported ServiceNow releases: * Quebec prior to Patch 10 Hot Fix 8b * Rome prior to Patch 10 Hot Fix 1 * San Diego prior to Patch 7 * Tokyo prior to Tokyo Patch 1; and * Utah prior to Utah General Availability If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
network
low complexity
servicenow CWE-668
6.5
2023-06-13 CVE-2023-34114 Exposure of Resource to Wrong Sphere vulnerability in Zoom
Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access.
network
low complexity
zoom CWE-668
6.5
2023-06-08 CVE-2023-29403 Exposure of Resource to Wrong Sphere vulnerability in multiple products
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits.
local
low complexity
golang fedoraproject CWE-668
7.8
2023-06-07 CVE-2023-33510 Exposure of Resource to Wrong Sphere vulnerability in Jeecg P3 BIZ Chat Project Jeecg P3 BIZ Chat 1.0.5
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters.
network
low complexity
jeecg-p3-biz-chat-project CWE-668
7.5
2023-06-06 CVE-2023-32550 Exposure of Resource to Wrong Sphere vulnerability in Canonical Landscape
Landscape's server-status page exposed sensitive system information.
network
low complexity
canonical CWE-668
8.2