Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-26 | CVE-2019-3569 | Exposure of Resource to Wrong Sphere vulnerability in Facebook Hhvm HHVM, when used with FastCGI, would bind by default to all available interfaces. | 5.0 |
| 2019-06-24 | CVE-2019-12929 | Exposure of Resource to Wrong Sphere vulnerability in Qemu The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. | 9.8 |
| 2019-06-24 | CVE-2019-12928 | Exposure of Resource to Wrong Sphere vulnerability in Qemu The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. | 9.8 |
| 2019-06-20 | CVE-2019-1848 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Digital Network Architecture Center A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. | 4.8 |
| 2019-06-20 | CVE-2019-12904 | Exposure of Resource to Wrong Sphere vulnerability in multiple products In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. | 5.9 |
| 2019-06-18 | CVE-2019-12875 | Exposure of Resource to Wrong Sphere vulnerability in Alpinelinux Abuild Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key. | 4.0 |
| 2019-05-30 | CVE-2018-4048 | Exposure of Resource to Wrong Sphere vulnerability in GOG Galaxy 1.2.48.36 An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). | 7.2 |
| 2019-05-22 | CVE-2018-7846 | Exposure of Resource to Wrong Sphere vulnerability in Schneider-Electric products A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller. | 5.0 |
| 2019-04-10 | CVE-2018-20321 | Exposure of Resource to Wrong Sphere vulnerability in Suse Rancher An issue was discovered in Rancher 2 through 2.1.5. | 9.0 |
| 2019-04-04 | CVE-2018-18068 | Exposure of Resource to Wrong Sphere vulnerability in Raspberrypi Raspberry PI 3 Model B+ Firmware The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register via inter-processor debugging. | 10.0 |