Vulnerabilities > Exposure of Resource to Wrong Sphere

DATE CVE VULNERABILITY TITLE RISK
2022-06-24 CVE-2022-32530 Exposure of Resource to Wrong Sphere vulnerability in Schneider-Electric GEO Scada Mobile 2020
A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application.
6.8
2022-06-16 CVE-2020-25459 Exposure of Resource to Wrong Sphere vulnerability in Webank Federated AI Technology Enabler
An issue was discovered in function sync_tree in hetero_decision_tree_guest.py in WeBank FATE (Federated AI Technology Enabler) 0.1 through 1.4.2 allows attackers to read sensitive information during the training process of machine learning joint modeling.
network
low complexity
webank CWE-668
5.0
2022-06-15 CVE-2022-28226 Exposure of Resource to Wrong Sphere vulnerability in Yandex Browser
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process.
local
low complexity
yandex CWE-668
7.8
2022-06-14 CVE-2022-31845 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
5.0
2022-06-14 CVE-2022-31846 Exposure of Resource to Wrong Sphere vulnerability in Wavlink Wn535G3 Firmware M35G3R.V5030.180927
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
network
low complexity
wavlink CWE-668
5.0
2022-06-13 CVE-2022-29247 Exposure of Resource to Wrong Sphere vulnerability in Electronjs Electron
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS.
6.8
2022-06-09 CVE-2022-31649 Exposure of Resource to Wrong Sphere vulnerability in Owncloud
ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer.
network
low complexity
owncloud CWE-668
7.5
2022-06-08 CVE-2021-36710 Exposure of Resource to Wrong Sphere vulnerability in Toaruos 1.99.2
ToaruOS 1.99.2 is affected by incorrect access control via the kernel.
local
low complexity
toaruos CWE-668
8.8
2022-06-07 CVE-2022-30728 Exposure of Resource to Wrong Sphere vulnerability in Google Android 11.0/12.0
Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
local
low complexity
google CWE-668
2.1
2022-06-07 CVE-2022-30732 Exposure of Resource to Wrong Sphere vulnerability in Samsung Account
Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.
network
low complexity
samsung CWE-668
5.0