Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-19 | CVE-2021-42254 | Exposure of Resource to Wrong Sphere vulnerability in Beyondtrust Privilege Management for Windows BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions. | 7.8 |
| 2021-11-16 | CVE-2021-26327 | Exposure of Resource to Wrong Sphere vulnerability in AMD products Insufficient validation of guest context in the SNP Firmware could lead to a potential loss of guest confidentiality. | 5.5 |
| 2021-11-16 | CVE-2021-26312 | Exposure of Resource to Wrong Sphere vulnerability in AMD products Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | 5.5 |
| 2021-11-10 | CVE-2020-12488 | Exposure of Resource to Wrong Sphere vulnerability in Vivo Jovi Smart Scene 6.2.2.5 The attacker can access the sensitive information stored within the jovi Smart Scene module by entering carefully constructed commands without requesting permission. | 5.5 |
| 2021-10-28 | CVE-2021-22044 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Spring Cloud Openfeign In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to `@RequestMapping`-annotated interface methods. | 7.5 |
| 2021-10-28 | CVE-2021-22047 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Spring Data Rest In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration. | 5.3 |
| 2021-10-28 | CVE-2021-22454 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos 2.0 A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. | 5.5 |
| 2021-10-28 | CVE-2021-22468 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos 2.0 A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. | 3.3 |
| 2021-10-27 | CVE-2021-34761 | Exposure of Resource to Wrong Sphere vulnerability in Cisco products A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite or append arbitrary data to system files using root-level privileges. | 6.0 |
| 2021-10-22 | CVE-2021-42536 | Exposure of Resource to Wrong Sphere vulnerability in Emerson products The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables. | 6.5 |