Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-30 | CVE-2020-7912 | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups. | 5.3 |
| 2020-01-28 | CVE-2019-4633 | Exposure of Resource to Wrong Sphere vulnerability in IBM Security Secret Server 10.6/10.7 IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. | 4.3 |
| 2020-01-22 | CVE-2019-10781 | Exposure of Resource to Wrong Sphere vulnerability in Schema-Inspector Project Schema-Inspector In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and the `validate()` function used within schema-inspector. | 9.8 |
| 2020-01-17 | CVE-2019-3682 | Exposure of Resource to Wrong Sphere vulnerability in Suse Caas Platform 3.0 The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. | 7.8 |
| 2019-12-30 | CVE-2019-20149 | Exposure of Resource to Wrong Sphere vulnerability in Kind-Of Project Kind-Of 6.0.2 ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. | 7.5 |
| 2019-12-20 | CVE-2012-5639 | Exposure of Resource to Wrong Sphere vulnerability in multiple products LibreOffice and OpenOffice automatically open embedded content | 6.5 |
| 2019-12-18 | CVE-2019-8779 | Exposure of Resource to Wrong Sphere vulnerability in Apple Ipados and Iphone OS A logic issue applied the incorrect restrictions. | 10.0 |
| 2019-12-13 | CVE-2014-2387 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities | 4.4 |
| 2019-12-12 | CVE-2019-13927 | Exposure of Resource to Wrong Sphere vulnerability in Siemens products A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). | 5.3 |
| 2019-12-10 | CVE-2013-2183 | Exposure of Resource to Wrong Sphere vulnerability in Monkey-Project Monkey Monkey HTTP Daemon has local security bypass | 7.1 |