Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-08 | CVE-2017-6872 | Exposure of Resource to Wrong Sphere vulnerability in Siemens Ozw672 Firmware and Ozw772 Firmware A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker with access to port 21/tcp to access or alter historical measurement data stored on the device. | 6.5 |
| 2017-08-03 | CVE-2017-11382 | Exposure of Resource to Wrong Sphere vulnerability in Trendmicro Deep Discovery Email Inspector 2.5.1 Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote attackers to delete arbitrary files on vulnerable installations, thus disabling the service. | 7.5 |
| 2017-06-15 | CVE-2017-0215 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This CVE ID is unique from CVE-2017-0173, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219. | 5.3 |
| 2017-05-15 | CVE-2017-7490 | Exposure of Resource to Wrong Sphere vulnerability in Moodle In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing. | 5.3 |
| 2017-05-02 | CVE-2017-8418 | Exposure of Resource to Wrong Sphere vulnerability in Rubocop Project Rubocop RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users. | 3.3 |
| 2017-04-17 | CVE-2017-5648 | Exposure of Resource to Wrong Sphere vulnerability in Apache Tomcat While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. | 9.1 |
| 2017-02-23 | CVE-2017-6100 | Exposure of Resource to Wrong Sphere vulnerability in Tcpdf Project Tcpdf tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP. | 7.5 |
| 2017-02-09 | CVE-2017-5634 | Exposure of Resource to Wrong Sphere vulnerability in Norwegian-Air Norwegian AIR Kiosk The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog. | 6.6 |
| 2016-12-29 | CVE-2016-5334 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Identity Manager and Vrealize Automation VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors. | 5.3 |
| 2016-07-15 | CVE-2016-5787 | Exposure of Resource to Wrong Sphere vulnerability in GE Cimplicity General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. | 6.3 |