Vulnerabilities > Exposure of Resource to Wrong Sphere
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-13 | CVE-2023-39383 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Emui and Harmonyos Vulnerability of input parameters being not strictly verified in the AMS module. | 7.5 |
2023-08-10 | CVE-2023-38830 | Exposure of Resource to Wrong Sphere vulnerability in PHPjabbers Yacht Listing Script 1.0 An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. | 7.5 |
2023-08-08 | CVE-2023-39214 | Exposure of Resource to Wrong Sphere vulnerability in Zoom Meeting Software Development Kit, Rooms and Zoom Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. | 8.1 |
2023-08-03 | CVE-2023-38955 | Exposure of Resource to Wrong Sphere vulnerability in Zkteco Bioaccess IVS 3.3.1 ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names. | 7.5 |
2023-08-03 | CVE-2023-33368 | Exposure of Resource to Wrong Sphere vulnerability in Assaabloy Control ID Idsecure 4.7.26.0 Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes. | 6.5 |
2023-07-26 | CVE-2023-39155 | Exposure of Resource to Wrong Sphere vulnerability in Jenkins Chef Identity Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it. | 5.3 |
2023-07-25 | CVE-2022-46901 | Exposure of Resource to Wrong Sphere vulnerability in Vocera Report Server and Voice Server An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. | 7.5 |
2023-07-20 | CVE-2023-37645 | Exposure of Resource to Wrong Sphere vulnerability in Eyoucms 1.6.3 eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt. | 5.3 |
2023-07-20 | CVE-2023-3299 | Exposure of Resource to Wrong Sphere vulnerability in Hashicorp Nomad HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. | 2.7 |
2023-07-14 | CVE-2023-32759 | Exposure of Resource to Wrong Sphere vulnerability in Archerirm Archer An issue in Archer Platform before v.6.13 and fixed in 6.12.0.6 and 6.13.0 allows an authenticated attacker to obtain sensitive information via a crafted URL. | 6.5 |