Vulnerabilities > Incorrect Resource Transfer Between Spheres
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-27 | CVE-2019-13263 | Incorrect Resource Transfer Between Spheres vulnerability in Dlink Dir-825/Ac G1 Firmware D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. | 8.8 |
| 2019-08-21 | CVE-2018-17791 | Incorrect Resource Transfer Between Spheres vulnerability in Newgensoft Omniflow Intelligent Business Process Suite 7.0 Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business confusion. | 7.5 |
| 2019-07-29 | CVE-2019-1020011 | Incorrect Resource Transfer Between Spheres vulnerability in Charcoal-Se Smokedetector SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority. | 7.2 |
| 2019-06-14 | CVE-2019-11770 | Incorrect Resource Transfer Between Spheres vulnerability in Eclipse Buildship In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is resolving dependencies over HTTP instead of HTTPS. | 8.1 |
| 2019-04-22 | CVE-2019-10248 | Incorrect Resource Transfer Between Spheres vulnerability in Eclipse Vorto Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. | 8.1 |
| 2017-10-17 | CVE-2017-14013 | Incorrect Resource Transfer Between Spheres vulnerability in Prominent Multiflex M10A Controller Firmware A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. | 5.6 |
| 2016-09-29 | CVE-2016-5062 | Incorrect Resource Transfer Between Spheres vulnerability in Aternity 9.0 The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans. | 9.8 |