Vulnerabilities > Exposure of Resource to Wrong Sphere

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-0815 Exposure of Resource to Wrong Sphere vulnerability in McAfee WebAdvisor 4.1.1.48
Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system.
network
low complexity
mcafee CWE-668
7.3
2022-03-10 CVE-2022-26355 Exposure of Resource to Wrong Sphere vulnerability in Citrix Federated Authentication Service 10.6/7.17
Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP).
local
low complexity
citrix CWE-668
4.4
2022-03-10 CVE-2021-28488 Exposure of Resource to Wrong Sphere vulnerability in Ericsson Network Manager
Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role).
network
low complexity
ericsson CWE-668
6.5
2022-03-09 CVE-2022-24747 Exposure of Resource to Wrong Sphere vulnerability in Shopware
Shopware is an open commerce platform based on the Symfony PHP framework and the Vue JavaScript framework.
network
low complexity
shopware CWE-668
5.3
2022-02-26 CVE-2022-24986 Exposure of Resource to Wrong Sphere vulnerability in KDE KCron
KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session.
local
low complexity
kde CWE-668
7.8
2022-02-25 CVE-2022-23835 Exposure of Resource to Wrong Sphere vulnerability in Visual Voice Mail Project Visual Voice Mail
The Visual Voice Mail (VVM) application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READ_SMS permission, and reads an IMAP credentialing message that is (by design) not displayed to the victim within the AOSP SMS/MMS messaging application.
network
high complexity
visual-voice-mail-project CWE-668
8.1
2022-02-24 CVE-2022-25643 Exposure of Resource to Wrong Sphere vulnerability in Seatd Project Seatd
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root.
network
low complexity
seatd-project CWE-668
critical
9.8
2022-02-16 CVE-2022-25236 Exposure of Resource to Wrong Sphere vulnerability in multiple products
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
network
low complexity
libexpat-project debian oracle siemens CWE-668
critical
9.8
2022-02-15 CVE-2021-42713 Exposure of Resource to Wrong Sphere vulnerability in Splashtop 3.4.6.1
Splashtop Remote Client (Personal Edition) through 3.4.6.1 creates a Temporary File in a Directory with Insecure Permissions.
local
low complexity
splashtop CWE-668
7.8
2022-02-15 CVE-2021-42714 Exposure of Resource to Wrong Sphere vulnerability in Splashtop 3.4.8.3
Splashtop Remote Client (Business Edition) through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.
local
low complexity
splashtop CWE-668
7.8