Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2022-3952 | Exposure of Resource to Wrong Sphere vulnerability in Manydesigns Portofino 5.3.2 A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic. | 7.1 |
| 2022-11-10 | CVE-2022-3866 | Exposure of Resource to Wrong Sphere vulnerability in Hashicorp Nomad 1.4.0/1.4.1 HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. | 4.3 |
| 2022-10-28 | CVE-2022-2882 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. | 4.3 |
| 2022-10-25 | CVE-2022-39349 | Exposure of Resource to Wrong Sphere vulnerability in Tasks The Tasks.org Android app is an open-source app for to-do lists and reminders. | 5.5 |
| 2022-10-19 | CVE-2013-4253 | Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift 1.0 The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file. | 7.5 |
| 2022-10-14 | CVE-2022-39309 | Exposure of Resource to Wrong Sphere vulnerability in Thoughtworks Gocd GoCD is a continuous delivery server. | 6.5 |
| 2022-10-11 | CVE-2022-39015 | Exposure of Resource to Wrong Sphere vulnerability in SAP Business Objects Business Intelligence Platform 420/430 Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted. | 6.5 |
| 2022-10-10 | CVE-2022-26121 | Exposure of Resource to Wrong Sphere vulnerability in Fortinet Fortianalyzer and Fortimanager An exposure of resource to wrong sphere vulnerability [CWE-668] in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via referencing the name in the URL path. | 5.3 |
| 2022-10-07 | CVE-2022-39869 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast. | 7.5 |
| 2022-10-07 | CVE-2022-39870 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast. | 7.5 |