Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-05 | CVE-2020-21503 | Exposure of Resource to Wrong Sphere vulnerability in Waimai Super CMS Project Waimai Super CMS 20150505 waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. | 7.5 |
| 2021-09-23 | CVE-2021-22009 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. | 7.5 |
| 2021-09-23 | CVE-2021-34723 | Exposure of Resource to Wrong Sphere vulnerability in Cisco IOS XE 17.3.1A A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. | 6.7 |
| 2021-09-16 | CVE-2020-14130 | Exposure of Resource to Wrong Sphere vulnerability in MI Xiaomi Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809 | 5.3 |
| 2021-09-15 | CVE-2020-19155 | Exposure of Resource to Wrong Sphere vulnerability in Jflyfox Jfinal CMS Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information and/or execute arbitrary code via the 'FileManager.rename()' function in the component 'modules/filemanager/FileManagerController.java'. | 8.8 |
| 2021-09-14 | CVE-2021-23034 | Exposure of Resource to Wrong Sphere vulnerability in F5 products On BIG-IP version 16.x before 16.1.0 and 15.1.x before 15.1.3.1, when a DNS profile using a DNS cache resolver is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. | 7.5 |
| 2021-09-08 | CVE-2021-28568 | Exposure of Resource to Wrong Sphere vulnerability in Adobe Genuine Service 7.1 Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission vulnerability during installation process. | 6.5 |
| 2021-09-01 | CVE-2021-36002 | Exposure of Resource to Wrong Sphere vulnerability in Adobe Captivate Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In Directory With Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. | 7.3 |
| 2021-08-25 | CVE-2020-18972 | Exposure of Resource to Wrong Sphere vulnerability in Podofo Project Podofo 0.9.6 Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. | 5.5 |
| 2021-08-24 | CVE-2021-30921 | Exposure of Resource to Wrong Sphere vulnerability in Apple Iphone OS A logic issue was addressed with improved state management. | 5.5 |