Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-33669 | Exposure of Resource to Wrong Sphere vulnerability in SAP Mobile SDK Certificate Provider 3.0.7 Under certain conditions, SAP Mobile SDK Certificate Provider allows a local unprivileged attacker to exploit an insecure temporary file storage. | 7.8 |
| 2021-06-08 | CVE-2021-22549 | Exposure of Resource to Wrong Sphere vulnerability in Google Asylo An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. | 7.8 |
| 2021-06-08 | CVE-2021-22550 | Exposure of Resource to Wrong Sphere vulnerability in Google Asylo An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. | 7.8 |
| 2021-05-27 | CVE-2021-22118 | Exposure of Resource to Wrong Sphere vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data. | 7.8 |
| 2021-05-27 | CVE-2008-2544 | Exposure of Resource to Wrong Sphere vulnerability in Linux Kernel Mounting /proc filesystem via chroot command silently mounts it in read-write mode. | 5.5 |
| 2021-05-27 | CVE-2021-31154 | Exposure of Resource to Wrong Sphere vulnerability in Pleaseedit Project Pleaseedit pleaseedit in please before 0.4 uses predictable temporary filenames in /tmp and the target directory. | 7.8 |
| 2021-05-26 | CVE-2018-16494 | Exposure of Resource to Wrong Sphere vulnerability in Versa-Networks Versa Operating System 20.2.0/21.1.0 In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. | 8.8 |
| 2021-05-11 | CVE-2021-26309 | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Teamcity Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions. | 3.3 |
| 2021-05-10 | CVE-2021-21430 | Exposure of Resource to Wrong Sphere vulnerability in Openapi-Generator Openapi Generator OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. | 5.5 |
| 2021-05-10 | CVE-2021-21428 | Exposure of Resource to Wrong Sphere vulnerability in Openapi-Generator Openapi Generator Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. | 7.0 |