Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-1438 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Wide Area Application Services A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. | 5.5 |
| 2021-04-23 | CVE-2021-31410 | Exposure of Resource to Wrong Sphere vulnerability in Vaadin Designer Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0 through 4.6.3 allows remote attackers to access project sources via crafted HTTP request. | 7.5 |
| 2021-04-23 | CVE-2021-31407 | Exposure of Resource to Wrong Sphere vulnerability in Vaadin Flow Vulnerability in OSGi integration in com.vaadin:flow-server versions 1.2.0 through 2.4.7 (Vaadin 12.0.0 through 14.4.9), and 6.0.0 through 6.0.1 (Vaadin 19.0.0) allows attacker to access application classes and resources on the server via crafted HTTP request. | 7.5 |
| 2021-04-23 | CVE-2020-36319 | Exposure of Resource to Wrong Sphere vulnerability in Vaadin Flow and Vaadin Insecure configuration of default ObjectMapper in com.vaadin:flow-server versions 3.0.0 through 3.0.5 (Vaadin 15.0.0 through 15.0.4) may expose sensitive data if the application also uses e.g. | 6.5 |
| 2021-04-22 | CVE-2021-28168 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. | 5.5 |
| 2021-04-16 | CVE-2021-22539 | Exposure of Resource to Wrong Sphere vulnerability in Google Bazel An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. | 7.8 |
| 2021-04-09 | CVE-2021-25364 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 11.0 A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows unprivileged applications to access contact information. | 3.3 |
| 2021-04-09 | CVE-2021-25357 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 8.1/9.0 A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in Android O(8.x) and P(9.0), 3.4.81.1 in Android Q(10,0), and 3.6.80.7 in Android R(11.0) allows unprivileged applications to access contact information. | 5.5 |
| 2021-03-25 | CVE-2020-10581 | Exposure of Resource to Wrong Sphere vulnerability in Invigo Automatic Device Management 5.0 Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application. | 7.5 |
| 2021-03-25 | CVE-2021-25352 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Bixby Voice Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent. | 7.8 |