Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-09 | CVE-2021-38931 | Exposure of Resource to Wrong Sphere vulnerability in multiple products IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. | 6.5 |
| 2021-12-08 | CVE-2021-38505 | Exposure of Resource to Wrong Sphere vulnerability in Mozilla Firefox Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. | 6.5 |
| 2021-12-08 | CVE-2021-25515 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/9.0 An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID. | 3.3 |
| 2021-12-07 | CVE-2021-29115 | Exposure of Resource to Wrong Sphere vulnerability in Esri Arcgis Enterprise 10.6.1 An information disclosure vulnerability in the ArcGIS Service Directory in Esri ArcGIS Enterprise versions 10.9.0 and below may allows a remote attacker to view hidden field names in feature layers. | 5.3 |
| 2021-12-06 | CVE-2021-36198 | Exposure of Resource to Wrong Sphere vulnerability in Johnsoncontrols Kantech Entrapass Successful exploitation of this vulnerability could allow an unauthorized user to access sensitive data. | 7.5 |
| 2021-12-02 | CVE-2021-23263 | Exposure of Resource to Wrong Sphere vulnerability in Craftercms Crafter CMS Unauthenticated remote attackers can read textual content via FreeMarker including files /scripts/*, /templates/* and some of the files in /.git/* (non-binary). | 7.5 |
| 2021-12-02 | CVE-2021-23264 | Exposure of Resource to Wrong Sphere vulnerability in Craftercms Crafter CMS Installations, where crafter-search is not protected, allow unauthenticated remote attackers to create, view, and delete search indexes. | 9.1 |
| 2021-11-23 | CVE-2021-38004 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2021-11-22 | CVE-2021-43560 | Exposure of Resource to Wrong Sphere vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. | 5.3 |
| 2021-11-20 | CVE-2021-36319 | Exposure of Resource to Wrong Sphere vulnerability in Dell Networking Os10 Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. | 3.3 |