Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-21 | CVE-2022-23950 | Exposure of Resource to Wrong Sphere vulnerability in Keylime In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations. | 7.5 |
| 2022-09-19 | CVE-2022-40234 | Exposure of Resource to Wrong Sphere vulnerability in IBM Spectrum Protect Plus Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. | 5.9 |
| 2022-09-06 | CVE-2022-34867 | Exposure of Resource to Wrong Sphere vulnerability in WP Libre Form Project WP Libre Form Unauthenticated Sensitive Information Disclosure vulnerability in WP Libre Form 2 plugin <= 2.0.8 at WordPress allows attackers to list and delete submissions. | 6.5 |
| 2022-08-26 | CVE-2022-29850 | Exposure of Resource to Wrong Sphere vulnerability in Lexmark products Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. | 8.1 |
| 2022-08-12 | CVE-2022-2610 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-08-11 | CVE-2021-0734 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 13.0.0 In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. | 5.5 |
| 2022-07-27 | CVE-2022-1873 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-27 | CVE-2022-1875 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2022-07-26 | CVE-2022-1488 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. | 4.3 |
| 2022-07-26 | CVE-2022-1498 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |