Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2019-16387 | Exposure of Resource to Wrong Sphere vulnerability in Pega Platform 8.3 PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases request while using a low-privilege account. | 8.1 |
| 2019-11-26 | CVE-2019-16241 | Exposure of Resource to Wrong Sphere vulnerability in Alcatelmobile Cingular Flip 2 Firmware B9Huah1 On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. | 6.8 |
| 2019-11-21 | CVE-2019-16541 | Exposure of Resource to Wrong Sphere vulnerability in Jenkins Jira Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope. | 9.9 |
| 2019-11-15 | CVE-2014-0023 | Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution | 7.8 |
| 2019-11-14 | CVE-2019-15350 | Exposure of Resource to Wrong Sphere vulnerability in Tecno-Mobile Tecno/H622/Tecno-Id5B:8.1.0/O11019/G-180829V31:User/Release-Keys Firmware The Tecno Camon Android device with a build fingerprint of TECNO/H622/TECNO-ID5b:8.1.0/O11019/G-180829V31:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). | 7.8 |
| 2019-11-14 | CVE-2019-15349 | Exposure of Resource to Wrong Sphere vulnerability in Tecno-Mobile Tecno/H612/Tecno-Id5A:8.1.0/O11019/F-180828V106:User/Release-Keys Firmware The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F-180828V106:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). | 7.8 |
| 2019-11-14 | CVE-2019-15346 | Exposure of Resource to Wrong Sphere vulnerability in Tecno-Mobile Camon Iclick 2 Firmware The Tecno Camon iClick 2 Android device with a build fingerprint of TECNO/H622/TECNO-ID6:8.1.0/O11019/F-180824V116:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). | 7.8 |
| 2019-11-14 | CVE-2019-15345 | Exposure of Resource to Wrong Sphere vulnerability in Tecno-Mobile Camon Iclick Firmware The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.8). | 7.8 |
| 2019-11-14 | CVE-2019-15341 | Exposure of Resource to Wrong Sphere vulnerability in Tecno-Mobile Camon Iair 2+ Firmware The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.0.11). | 7.8 |
| 2019-11-14 | CVE-2019-18954 | Exposure of Resource to Wrong Sphere vulnerability in Netease Pomelo 2.2.5 Pomelo v2.2.5 allows external control of critical state data. | 5.3 |