Vulnerabilities > Exposure of Resource to Wrong Sphere

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-01-12 | CVE-2023-6955 | Exposure of Resource to Wrong Sphere vulnerability in GitLab | An improper access control vulnerability exists in GitLab Remote Development affecting all versions prior to 16.5.6, 16.6 prior to 16.6.4 and 16.7 prior to 16.7.2. | network | low complexity | gitlab | CWE-668 | 5.3 |
| 2024-01-12 | CVE-2024-21597 | Exposure of Resource to Wrong Sphere vulnerability in Juniper Junos | An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric (AF) scenario, if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context. This issue affects Juniper Networks Junos OS on MX Series: all versions earlier than 20.4R3-S9; 21.2 versions earlier than 21.2R3-S3; 21.4 versions earlier than 21.4R3-S5; 22.1 versions earlier than 22.1R3; 22.2 versions earlier than 22.2R3; 22.3 versions earlier than 22.3R2. | network | low complexity | juniper | CWE-668 | 7.5 |
| 2024-01-12 | CVE-2024-0443 | Exposure of Resource to Wrong Sphere vulnerability in multiple products | A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. | local | low complexity | linux, redhat, fedoraproject | CWE-668 | 5.5 |
| 2024-01-09 | CVE-2024-20692 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | network | low complexity | microsoft | CWE-668 | 5.7 |
| 2024-01-09 | CVE-2024-20694 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products | Windows CoreMessaging Information Disclosure Vulnerability | local | low complexity | microsoft | CWE-668 | 5.5 |
| 2024-01-04 | CVE-2024-22049 | Exposure of Resource to Wrong Sphere vulnerability in John Nunemaker Httparty | httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. | network | low complexity | john-nunemaker | CWE-668 | 5.3 |
| 2023-12-21 | CVE-2023-48291 | Exposure of Resource to Wrong Sphere vulnerability in Apache Airflow | Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus enabling the user to clear DAGs they shouldn't. This is a missing fix for CVE-2023-42792 in Apache Airflow 2.7.2. Users of Apache Airflow are strongly advised to upgrade to version 2.8.0 or newer to mitigate the risk associated with this vulnerability. | network | low complexity | apache | CWE-668 | 4.3 |
| 2023-12-14 | CVE-2023-49342 | Exposure of Resource to Wrong Sphere vulnerability in Ubuntubudgie Budgie Extras | Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. | local | low complexity | ubuntubudgie | CWE-668 | 7.8 |
| 2023-12-14 | CVE-2023-49344 | Exposure of Resource to Wrong Sphere vulnerability in Ubuntubudgie Budgie Extras | Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. | local | low complexity | ubuntubudgie | CWE-668 | 7.8 |
| 2023-12-14 | CVE-2023-49345 | Exposure of Resource to Wrong Sphere vulnerability in Ubuntubudgie Budgie Extras | Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. | local | low complexity | ubuntubudgie | CWE-668 | 7.8 |