Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-23 | CVE-2019-8702 | Exposure of Resource to Wrong Sphere vulnerability in Apple mac OS X This issue was addressed with a new entitlement. | 5.5 |
| 2021-12-22 | CVE-2021-21878 | Exposure of Resource to Wrong Sphere vulnerability in Lantronix Premierwave 2050 Firmware 8.9.0.0 A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. | 4.9 |
| 2021-12-16 | CVE-2020-35215 | Exposure of Resource to Wrong Sphere vulnerability in Atomix 3.1.5 An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states. | 6.5 |
| 2021-12-15 | CVE-2021-43216 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | 6.5 |
| 2021-12-15 | CVE-2021-43893 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability | 7.5 |
| 2021-12-14 | CVE-2021-41065 | Exposure of Resource to Wrong Sphere vulnerability in Bopsoft Listary An issue was discovered in Listary through 6. | 7.3 |
| 2021-12-13 | CVE-2021-39915 | Exposure of Resource to Wrong Sphere vulnerability in Gitlab Improper access control in the GraphQL API in GitLab CE/EE affecting all versions starting from 13.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker to see the names of project access tokens on arbitrary projects | 5.3 |
| 2021-12-09 | CVE-2021-22568 | Exposure of Resource to Wrong Sphere vulnerability in Dart Software Development KIT When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. | 8.8 |
| 2021-12-09 | CVE-2021-38931 | Exposure of Resource to Wrong Sphere vulnerability in multiple products IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. | 6.5 |
| 2021-12-08 | CVE-2021-38505 | Exposure of Resource to Wrong Sphere vulnerability in Mozilla Firefox Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. | 6.5 |