Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-27 | CVE-2020-20948 | Exposure of Resource to Wrong Sphere vulnerability in Jeecg 3.8 An arbitrary file download vulnerability in jeecg v3.8 allows attackers to access sensitive files via modification of the "localPath" variable. | 7.5 |
| 2021-12-27 | CVE-2021-45708 | Exposure of Resource to Wrong Sphere vulnerability in Abomonation Project Abomonation An issue was discovered in the abomonation crate through 2021-10-17 for Rust. | 7.5 |
| 2021-12-23 | CVE-2019-8702 | Exposure of Resource to Wrong Sphere vulnerability in Apple mac OS X This issue was addressed with a new entitlement. | 5.5 |
| 2021-12-22 | CVE-2021-21878 | Exposure of Resource to Wrong Sphere vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. | 4.9 |
| 2021-12-16 | CVE-2020-35215 | Exposure of Resource to Wrong Sphere vulnerability in Atomix 3.1.5 An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states. | 6.5 |
| 2021-12-15 | CVE-2021-43216 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 6.5 |
| 2021-12-15 | CVE-2021-43893 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | 7.5 |
| 2021-12-14 | CVE-2021-41065 | Exposure of Resource to Wrong Sphere vulnerability in Bopsoft Listary An issue was discovered in Listary through 6. | 7.3 |
| 2021-12-13 | CVE-2021-39915 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects | 5.3 |
| 2021-12-09 | CVE-2021-22568 | Exposure of Resource to Wrong Sphere vulnerability in Dart Software Development KIT When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. | 8.8 |