Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-23 | CVE-2022-25041 | Exposure of Resource to Wrong Sphere vulnerability in Open-Emr Openemr 6.0.0 OpenEMR v6.0.0 was discovered to contain an incorrect access control issue. | 4.3 |
| 2022-03-23 | CVE-2021-27424 | Exposure of Resource to Wrong Sphere vulnerability in GE products GE UR firmware versions prior to version 8.1x shares MODBUS memory map as part of the communications guide. | 5.3 |
| 2022-03-23 | CVE-2021-4180 | Exposure of Resource to Wrong Sphere vulnerability in multiple products An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. | 4.3 |
| 2022-03-21 | CVE-2022-25481 | Exposure of Resource to Wrong Sphere vulnerability in Thinkphp 5.0.24 ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. | 7.5 |
| 2022-03-17 | CVE-2022-24074 | Exposure of Resource to Wrong Sphere vulnerability in Navercorp Whale Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises. | 9.8 |
| 2022-03-15 | CVE-2020-4989 | Exposure of Resource to Wrong Sphere vulnerability in IBM Rational Team Concert IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 and IBM Rational Team Concert 6.0.6 and 6.0.0.1 could allow an authenticated user to obtain sensitive information about build definitions. | 4.3 |
| 2022-03-14 | CVE-2022-24742 | Exposure of Resource to Wrong Sphere vulnerability in Sylius Sylius is an open source eCommerce platform. | 5.5 |
| 2022-03-10 | CVE-2022-0815 | Exposure of Resource to Wrong Sphere vulnerability in Mcafee Webadvisor 4.1.1.48 Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. | 7.3 |
| 2022-03-10 | CVE-2022-26355 | Exposure of Resource to Wrong Sphere vulnerability in Citrix Federated Authentication Service 10.6/7.17 Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes deployments that have been configured to store a registration authority certificate's private key in a Trusted Platform Module (TPM) to incorrectly store that key in the Microsoft Software Key Storage Provider (MSKSP). | 4.4 |
| 2022-03-10 | CVE-2021-28488 | Exposure of Resource to Wrong Sphere vulnerability in Ericsson Network Manager Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). | 6.5 |