Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2020-10238 | Exposure of Resource to Wrong Sphere vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.16. | 7.5 |
| 2020-03-11 | CVE-2019-5159 | Exposure of Resource to Wrong Sphere vulnerability in Wago E!Cockpit 1.6.0.7 An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7. | 7.8 |
| 2020-03-11 | CVE-2020-1981 | Exposure of Resource to Wrong Sphere vulnerability in Paloaltonetworks Pan-Os A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. | 7.8 |
| 2020-02-28 | CVE-2019-10805 | Exposure of Resource to Wrong Sphere vulnerability in Sideralis Valib.Js 2.0.0 valib through 2.0.0 allows Internal Property Tampering. | 7.5 |
| 2020-02-17 | CVE-2019-10790 | Exposure of Resource to Wrong Sphere vulnerability in Taffydb Taffy 2.6.2 taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. | 7.5 |
| 2020-02-04 | CVE-2020-8449 | Exposure of Resource to Wrong Sphere vulnerability in multiple products An issue was discovered in Squid before 4.10. | 7.5 |
| 2020-02-04 | CVE-2020-8121 | Exposure of Resource to Wrong Sphere vulnerability in Nextcloud Server A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer. | 8.1 |
| 2020-01-30 | CVE-2020-7912 | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups. | 5.3 |
| 2020-01-28 | CVE-2019-4633 | Exposure of Resource to Wrong Sphere vulnerability in IBM Security Secret Server 10.6/10.7 IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. | 4.3 |
| 2020-01-22 | CVE-2019-10781 | Exposure of Resource to Wrong Sphere vulnerability in Schema-Inspector Project Schema-Inspector In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and the `validate()` function used within schema-inspector. | 9.8 |