Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-42546 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | 6.5 |
| 2023-11-07 | CVE-2023-42547 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | 6.5 |
| 2023-11-07 | CVE-2023-42549 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | 6.5 |
| 2023-11-07 | CVE-2023-42551 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | 6.5 |
| 2023-11-06 | CVE-2023-4910 | Exposure of Resource to Wrong Sphere vulnerability in Redhat 3Scale API Management 2.0 A flaw was found In 3Scale Admin Portal. | 5.5 |
| 2023-11-02 | CVE-2023-4217 | Exposure of Resource to Wrong Sphere vulnerability in Moxa Eds-G503 Firmware A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. | 5.3 |
| 2023-11-01 | CVE-2023-3972 | Exposure of Resource to Wrong Sphere vulnerability in Redhat products A vulnerability was found in insights-client. | 7.8 |
| 2023-10-31 | CVE-2023-38994 | Exposure of Resource to Wrong Sphere vulnerability in Univention Corporate Server 5.0 The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. | 7.8 |
| 2023-10-25 | CVE-2023-37911 | Exposure of Resource to Wrong Sphere vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2023-10-18 | CVE-2023-45911 | Exposure of Resource to Wrong Sphere vulnerability in Wipotec Comscale 4.3.29.21344/4.4.12.723 An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers to login as any user without a password. | 9.8 |