Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-39871 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts. | 7.5 |
| 2022-09-29 | CVE-2020-27601 | Exposure of Resource to Wrong Sphere vulnerability in Bigbluebutton In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened chats. | 3.5 |
| 2022-09-21 | CVE-2022-23950 | Exposure of Resource to Wrong Sphere vulnerability in Keylime In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations. | 7.5 |
| 2022-09-19 | CVE-2022-40234 | Exposure of Resource to Wrong Sphere vulnerability in IBM Spectrum Protect Plus Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. | 5.9 |
| 2022-09-06 | CVE-2022-34867 | Exposure of Resource to Wrong Sphere vulnerability in WP Libre Form Project WP Libre Form Unauthenticated Sensitive Information Disclosure vulnerability in WP Libre Form 2 plugin <= 2.0.8 at WordPress allows attackers to list and delete submissions. | 6.5 |
| 2022-08-26 | CVE-2022-29850 | Exposure of Resource to Wrong Sphere vulnerability in Lexmark products Various Lexmark products through 2022-04-27 allow an attacker who has already compromised an affected Lexmark device to maintain persistence across reboots. | 8.1 |
| 2022-08-12 | CVE-2022-2610 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-08-11 | CVE-2021-0734 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 13.0.0 In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. | 5.5 |
| 2022-08-05 | CVE-2022-35936 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Ethermint is an Ethereum library. | 5.3 |
| 2022-07-27 | CVE-2022-1873 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |