28 matches found
Exposure of Resource to Wrong Sphere
Overview: apache-airflow-providers-amazon is a Provider for Apache Airflow. Implements apache-airflow-providers-amazon package. Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere due to improper handling of the session token cookie path. An attacker can gain...
EUVD-2020-26568
Malware in sbrugna...
CVE-2025-6788
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes TGML diagram resources to the wrong control sphere, providing other authenticated users with potentially inappropriate access to TGML diagrams...
K000148650: Intel processor vulnerabilities CVE-2024-22185 and CVE-2024-24985
Security Advisory Description. CVE-2024-22185: Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-24985: Exposure of resource to wrong sphere in some Intel(R) processor...
CVE-2024-39553
An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service (DoS) a...
Exposure Of Resource To Wrong Sphere
dirac is vulnerable to Exposure of Resource to Wrong Sphere. The vulnerability is due to the proxy generation process in ProxyFile.py, which allows unauthorized users on the same machine to read the proxy file allowing them to perform any action possible with the original proxy...
CVE-2024-21597
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric (AF) scenario if routing-instances (RI) are...
CVE-2024-21597 Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric (AF) scenario if routing-instances (RI) are...
PT-2024-1131 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions earlier than 20.4R3-S9; Juniper Networks Junos OS on MX Series version 21.2 versions earlier than 21.2R3-S3; Juniper Networks Junos OS on MX Series version 21.4 versions earlier than 21.4R3-S5...
CVE-2023-34189
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
JVN#64316789: Multiple vulnerabilities in SoftEther VPN and PacketiX VPN
SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities listed below in VPN Client function, and Dynamic DNS Client function included in the VPN server. Heap-based buffer overflow (CWE-122) -...
CVE-2022-38087
Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access...
Remote code execution
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert V15.1 and above...
CVE-2023-27976
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause remote code execution when a valid user visits a malicious link provided through the web endpoints. Affected Products: EcoStruxure Control Expert V15.1 and above...
SUSE CVE-2022-21947
An Exposure of Resource to Wrong Sphere vulnerability in Rancher Desktop of SUSE allows attackers in the local network to connect to the Dashboard API (steve) to carry out arbitrary actions. This issue affects: SUSE Rancher Desktop versions prior to V...
Siemens Brownfield Connectivity Gateway
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Design/Logic Flaw
A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause all remote domains to access the resources (data supplied by the server) when an attacker sends a fetch request from a third-party site or malicious site. Affected Products: EcoStruxure Power Commission Versions pri...
CVE-2022-26121
An exposure of resource to wrong sphere vulnerability (CWE-668) in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via...
CVE-2022-32530
CVE-2022-32530 affects Schneider Electric’s Geo SCADA Mobile (Build 222 and prior). The vulnerability is described as CWE-668: Exposure of Resource to Wrong Sphere, which could mislead users by hiding alarms or presenting incorrect server connection options or control requests when a mobile devic...
CVE-2022-21947
The CVE-2022-21947 entry concerns SUSE Rancher Desktop (Rancher Desktop) with an exposure of the Dashboard API (steve) to the local network. Affected: Rancher Desktop versions prior to V. Root cause: Exposure of Resource to Wrong Sphere vulnerability allows a local-network attacker to connect to ...