Vulnerabilities > Incorrect Resource Transfer Between Spheres
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-27 | CVE-2019-13266 | Incorrect Resource Transfer Between Spheres vulnerability in Tp-Link Archer C2 V1 Firmware and Archer C3200 V1 Firmware TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. | 5.8 |
| 2019-08-27 | CVE-2019-13263 | Incorrect Resource Transfer Between Spheres vulnerability in Dlink Dir-825/Ac G1 Firmware D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. | 8.8 |
| 2019-08-21 | CVE-2018-17791 | Incorrect Resource Transfer Between Spheres vulnerability in Newgensoft Omniflow Intelligent Business Process Suite 7.0 Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business confusion. | 5.0 |
| 2019-07-29 | CVE-2019-1020011 | Incorrect Resource Transfer Between Spheres vulnerability in Charcoal-Se Smokedetector SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without server operator authority. | 6.5 |
| 2019-06-14 | CVE-2019-11770 | Incorrect Resource Transfer Between Spheres vulnerability in Eclipse Buildship In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is resolving dependencies over HTTP instead of HTTPS. | 8.1 |
| 2019-05-24 | CVE-2019-11875 | Incorrect Resource Transfer Between Spheres vulnerability in Blueprism Robotic Process Automation 6.4.0.8445 In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a vulnerability in access control can be exploited to escalate privileges. | 6.5 |
| 2019-04-22 | CVE-2019-10248 | Incorrect Resource Transfer Between Spheres vulnerability in Eclipse Vorto Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. | 6.8 |
| 2017-10-17 | CVE-2017-14013 | Incorrect Resource Transfer Between Spheres vulnerability in Prominent Multiflex M10A Controller Firmware A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. | 6.8 |
| 2016-09-29 | CVE-2016-5062 | Incorrect Resource Transfer Between Spheres vulnerability in Aternity 9.0 The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote attackers to execute arbitrary Java code by registering MBeans. | 9.3 |
| 2004-09-16 | CVE-2004-0872 | Incorrect Resource Transfer Between Spheres vulnerability in Opera Browser 7.51 Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." | 5.0 |