Vulnerabilities > Exposure of Resource to Wrong Sphere

DATE CVE VULNERABILITY TITLE RISK
2022-12-25 CVE-2022-45895 Exposure of Resource to Wrong Sphere vulnerability in Planetestream Planet Estream
Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).
network
low complexity
planetestream CWE-668
6.5
2022-12-22 CVE-2022-38474 Exposure of Resource to Wrong Sphere vulnerability in Mozilla Firefox
A website that had permission to access the microphone could record audio without the audio notification being shown.
network
low complexity
mozilla CWE-668
4.3
2022-12-08 CVE-2022-38599 Exposure of Resource to Wrong Sphere vulnerability in Goteleport Teleport 3.2.2/3.5.6/3.6.3
Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 were discovered to contain an information leak via the /user/get-role-list web interface.
network
low complexity
goteleport CWE-668
6.5
2022-12-05 CVE-2022-32221 Exposure of Resource to Wrong Sphere vulnerability in multiple products
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback.
network
low complexity
haxx netapp debian apple splunk CWE-668
critical
9.8
2022-12-01 CVE-2022-41971 Exposure of Resource to Wrong Sphere vulnerability in Nextcloud Talk
Nextcloud Talk Android is a video and audio conferencing app for Nextcloud.
network
low complexity
nextcloud CWE-668
6.5
2022-12-01 CVE-2022-43901 Exposure of Resource to Wrong Sphere vulnerability in IBM Websphere Automation for IBM Cloud PAK for Watson Aiops 1.4.2
IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information.
local
low complexity
ibm CWE-668
5.5
2022-11-30 CVE-2022-1911 Exposure of Resource to Wrong Sphere vulnerability in M-Files Server 22.2.11051.0/22.3.11237.3
An error in the parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system.
network
low complexity
m-files CWE-668
5.3
2022-11-29 CVE-2022-21126 Exposure of Resource to Wrong Sphere vulnerability in Samtools Htsjdk
The package com.github.samtools:htsjdk before 3.0.1 is vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.
local
low complexity
samtools CWE-668
7.8
2022-11-25 CVE-2022-38813 Exposure of Resource to Wrong Sphere vulnerability in PHPgurukul Blood Donor Management System Project PHPgurukul Blood Donor Management System 1.0
PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report.
8.1
2022-11-23 CVE-2022-41946 Exposure of Resource to Wrong Sphere vulnerability in multiple products
pgjdbc is an open source PostgreSQL JDBC driver.
local
low complexity
postgresql debian CWE-668
5.5