Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-16 | CVE-2022-39952 | Exposure of Resource to Wrong Sphere vulnerability in Fortinet Fortinac A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request. | 9.8 |
| 2023-02-15 | CVE-2023-25192 | Exposure of Resource to Wrong Sphere vulnerability in AMI Megarac Sp-X 12/13 AMI MegaRAC SPX devices allow User Enumeration through Redfish. | 5.3 |
| 2023-02-14 | CVE-2023-21687 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products HTTP.sys Information Disclosure Vulnerability | 5.5 |
| 2023-02-14 | CVE-2023-21714 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft 365 Apps and Office Long Term Servicing Channel Microsoft Office Information Disclosure Vulnerability | 5.5 |
| 2023-02-14 | CVE-2023-24523 | Exposure of Resource to Wrong Sphere vulnerability in SAP Host Agent 7.21/7.22 An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent (Start Service) - versions 7.21, 7.22, can submit a crafted ConfigureOutsideDiscovery request with an operating system command which will be executed with administrator privileges. The OS command can read or modify any user or system data and can make the system unavailable. | 8.8 |
| 2023-02-11 | CVE-2022-34387 | Exposure of Resource to Wrong Sphere vulnerability in Dell products Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version 3.2.0 and prior) contain a privilege escalation vulnerability. | 7.8 |
| 2023-02-10 | CVE-2022-34364 | Exposure of Resource to Wrong Sphere vulnerability in Dell Bsafe Ssl-J Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. | 4.4 |
| 2023-02-10 | CVE-2022-4903 | Exposure of Resource to Wrong Sphere vulnerability in Codenameone Codename ONE 7.0.70 A vulnerability was found in CodenameOne 7.0.70. | 8.1 |
| 2023-02-10 | CVE-2022-34452 | Exposure of Resource to Wrong Sphere vulnerability in Dell Powerpath Management Appliance PowerPath Management Appliance with versions 3.3, 3.2*, 3.1 & 3.0* contains sensitive information disclosure vulnerability. | 2.7 |
| 2023-02-09 | CVE-2023-21438 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Android 11.0/12.0 Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder. | 2.4 |