Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-01 | CVE-2021-24868 | Exposure of Resource to Wrong Sphere vulnerability in Bplugins Document Embedder The Document Embedder WordPress plugin before 1.7.9 contains a AJAX action endpoint, which could allow any authenticated user, such as subscriber to enumerate the title of arbitrary private and draft posts. | 4.3 |
| 2022-01-25 | CVE-2022-0334 | Exposure of Resource to Wrong Sphere vulnerability in Moodle A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. | 4.3 |
| 2022-01-19 | CVE-2022-22154 | Exposure of Resource to Wrong Sphere vulnerability in Juniper Junos In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). | 6.8 |
| 2022-01-15 | CVE-2021-44049 | Exposure of Resource to Wrong Sphere vulnerability in Cyberark Endpoint Privilege Manager CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory. | 7.8 |
| 2022-01-14 | CVE-2021-39628 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0 In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code. | 3.3 |
| 2022-01-12 | CVE-2022-23118 | Exposure of Resource to Wrong Sphere vulnerability in Jenkins Debian Package Builder Jenkins Debian Package Builder Plugin 1.6.11 and earlier implements functionality that allows agents to invoke command-line `git` at an attacker-specified path on the controller, allowing attackers able to control agent processes to invoke arbitrary OS commands on the controller. | 8.8 |
| 2022-01-10 | CVE-2021-42749 | Exposure of Resource to Wrong Sphere vulnerability in Fastlinemedia Beaver Themer In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. | 5.3 |
| 2022-01-03 | CVE-2021-37112 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak. | 5.3 |
| 2022-01-03 | CVE-2021-39971 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | 7.5 |
| 2022-01-03 | CVE-2021-1918 | Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 6.5 |