Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-01 | CVE-2017-17087 | Exposure of Resource to Wrong Sphere vulnerability in multiple products fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users to obtain sensitive information by leveraging an applicable group membership, as demonstrated by /etc/shadow owned by root:shadow mode 0640, but /etc/.shadow.swp owned by root:users mode 0640, a different vulnerability than CVE-2017-1000382. | 5.5 |
| 2017-11-30 | CVE-2017-12363 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Webex Meetings Server 2.6.0.8/2.7 A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. | 5.3 |
| 2017-11-30 | CVE-2017-12351 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Nx-Os 7.0(3)I7(1)/8.1(0)Bd(0.20) A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. | 5.7 |
| 2017-11-30 | CVE-2017-12342 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Nx-Os 7.0(0)Hsk(0.357)/8.1(1) A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. | 6.8 |
| 2017-11-22 | CVE-2017-8185 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Me906S-158 Firmware ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-8171 | Exposure of Resource to Wrong Sphere vulnerability in Huawei P10 Plus Firmware Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. | 4.6 |
| 2017-11-22 | CVE-2017-8161 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Eva-L09 EVA-L09 smartphones with software Earlier than EVA-L09C25B150CUSTC25D003 versions,Earlier than EVA-L09C440B140 versions,Earlier than EVA-L09C464B361 versions,Earlier than EVA-L09C675B320CUSTC675D004 versions have Factory Reset Protection (FRP) bypass security vulnerability. | 4.6 |
| 2017-11-08 | CVE-2017-16660 | Exposure of Resource to Wrong Sphere vulnerability in Cacti 1.1.27 Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP code in a Client-ip header. | 7.2 |
| 2017-10-18 | CVE-2017-15592 | Exposure of Resource to Wrong Sphere vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests. | 8.8 |
| 2017-09-13 | CVE-2017-12249 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Meeting Server A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote attacker to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. | 9.1 |