Vulnerabilities > Incorrect Resource Transfer Between Spheres
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-18 | CVE-2020-26177 | Incorrect Resource Transfer Between Spheres vulnerability in Tangro Business Workflow 1.17.5 In tangro Business Workflow before 1.18.1, a user's profile contains some items that are greyed out and thus are not intended to be edited by regular users. | 4.3 |
| 2020-12-07 | CVE-2020-5800 | Incorrect Resource Transfer Between Spheres vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20 The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to. | 9.8 |
| 2020-08-11 | CVE-2020-10778 | Incorrect Resource Transfer Between Spheres vulnerability in Redhat Cloudforms 4.7/5.0.0 In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. | 6.0 |
| 2020-07-22 | CVE-2020-15892 | Incorrect Resource Transfer Between Spheres vulnerability in Dlink Dap-1520 Firmware 1.0.8/1.10B04 An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. | 9.8 |
| 2020-05-21 | CVE-2020-1048 | Incorrect Resource Transfer Between Spheres vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-01-17 | CVE-2020-6862 | Incorrect Resource Transfer Between Spheres vulnerability in ZTE F6X2W Firmware 6.0.10P2T2/6.0.10P2T5 V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. | 5.3 |
| 2019-11-01 | CVE-2012-2979 | Incorrect Resource Transfer Between Spheres vulnerability in Freebsd Name Server Daemon FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server. | 7.5 |
| 2019-10-02 | CVE-2019-13025 | Incorrect Resource Transfer Between Spheres vulnerability in Compal Ch7465Lg Firmware Ch7465Lgncip6.12.18.245P8Nosh Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. | 9.8 |
| 2019-09-05 | CVE-2019-10753 | Incorrect Resource Transfer Between Spheres vulnerability in Diffplug Eclipse-Cdt, Eclipse-Groovy and Eclipse-Wtp In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http). | 5.9 |
| 2019-08-27 | CVE-2019-13266 | Incorrect Resource Transfer Between Spheres vulnerability in Tp-Link Archer C2 V1 Firmware and Archer C3200 V1 Firmware TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. | 8.8 |