Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-38994 | Exposure of Resource to Wrong Sphere vulnerability in Univention Corporate Server 5.0 The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. | 7.8 |
| 2023-10-25 | CVE-2023-37911 | Exposure of Resource to Wrong Sphere vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 6.5 |
| 2023-10-18 | CVE-2023-45145 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Redis is an in-memory database that persists on disk. | 3.6 |
| 2023-10-18 | CVE-2023-45911 | Exposure of Resource to Wrong Sphere vulnerability in Wipotec Comscale 4.3.29.21344/4.4.12.723 An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers to login as any user without a password. | 9.8 |
| 2023-10-17 | CVE-2023-45357 | Exposure of Resource to Wrong Sphere vulnerability in Archerirm Archer Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure vulnerability. | 6.5 |
| 2023-10-16 | CVE-2023-44394 | Exposure of Resource to Wrong Sphere vulnerability in Mantisbt MantisBT is an open source bug tracker. | 4.3 |
| 2023-10-16 | CVE-2023-35013 | Exposure of Resource to Wrong Sphere vulnerability in IBM Security Verify Governance 10.0/10.0.1 IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. | 4.4 |
| 2023-10-14 | CVE-2023-42792 | Exposure of Resource to Wrong Sphere vulnerability in Apache Airflow Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't. Users of Apache Airflow are strongly advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability. | 6.5 |
| 2023-10-12 | CVE-2023-32275 | Exposure of Resource to Wrong Sphere vulnerability in Softether VPN 4.419782/5.01.9674 An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. | 4.4 |
| 2023-10-11 | CVE-2023-44101 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Harmonyos The Bluetooth module has a vulnerability in permission control for broadcast notifications.Successful exploitation of this vulnerability may affect confidentiality. | 7.5 |