Vulnerabilities > Exposure of Resource to Wrong Sphere

DATE CVE VULNERABILITY TITLE RISK
2021-11-16 CVE-2021-26312 Exposure of Resource to Wrong Sphere vulnerability in AMD products
Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity.
local
low complexity
amd CWE-668
5.5
2021-11-10 CVE-2020-12488 Exposure of Resource to Wrong Sphere vulnerability in Vivo Jovi Smart Scene 6.2.2.5
The attacker can access the sensitive information stored within the jovi Smart Scene module by entering carefully constructed commands without requesting permission.
local
low complexity
vivo CWE-668
5.5
2021-10-28 CVE-2021-22044 Exposure of Resource to Wrong Sphere vulnerability in VMWare Spring Cloud Openfeign
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to `@RequestMapping`-annotated interface methods.
network
low complexity
vmware CWE-668
7.5
2021-10-28 CVE-2021-22047 Exposure of Resource to Wrong Sphere vulnerability in VMWare Spring Data Rest
In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.
network
low complexity
vmware CWE-668
5.3
2021-10-28 CVE-2021-22454 Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos 2.0
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability.
local
low complexity
huawei CWE-668
5.5
2021-10-28 CVE-2021-22468 Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos 2.0
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.
local
low complexity
huawei CWE-668
3.3
2021-10-27 CVE-2021-34761 Exposure of Resource to Wrong Sphere vulnerability in Cisco products
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges.
local
low complexity
cisco CWE-668
6.0
2021-10-22 CVE-2021-42536 Exposure of Resource to Wrong Sphere vulnerability in Emerson products
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
network
low complexity
emerson CWE-668
6.5
2021-10-12 CVE-2021-40497 Exposure of Resource to Wrong Sphere vulnerability in SAP Businessobjects Analysis 420/430
SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, allows an attacker to exploit certain application endpoints to read sensitive data.
network
low complexity
sap CWE-668
5.3
2021-10-12 CVE-2020-28145 Exposure of Resource to Wrong Sphere vulnerability in Wuzhicms 4.0.1
Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0.1 via coreframe\app\attachment\admin\index.php, which allows attackers to access sensitive information.
network
low complexity
wuzhicms CWE-668
7.5