CWE-668
Exposure of Resource to Wrong Sphere
Description
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Hierarchy (View 1000)
CVEs mapped to this weakness (268)
page 9 of 14

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-45438 | | | 0.00 | — | 0.01 | | Jan 16, 2023 | When explicitly enabling the feature flag DASHBOARD_CACHE (disabled by default), the system allowed for an unauthenticated user to access dashboard configuration metadata using a REST API Get endpoint. This issue affects Apache Superset version 1.5.2 and prior versions and… |
| CVE-2022-24913 | | | 0.00 | — | 0.00 | | Jan 12, 2023 | Versions of the package com.fasterxml.util:java-merge-sort before 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents. |
| CVE-2018-25068 | | — | 0.00 | — | 0.01 | | Jan 6, 2023 | A vulnerability has been found in devent globalpom-utils up to 4.5.0 and classified as critical. This vulnerability affects the function createTmpDir of the file globalpomutils-fileresources/src/main/java/com/anrisoftware/globalpom/fileresourcemanager/FileResourceManagerProvider.… |
| CVE-2022-45935 | | | 0.00 | — | 0.00 | | Jan 6, 2023 | Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version… |
| CVE-2015-10004 | | | 0.00 | — | 0.01 | | Dec 27, 2022 | Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an attacker may use this to determine the expected HMAC. |
| CVE-2022-47410 | | — | 0.00 | — | 0.01 | | Dec 14, 2022 | An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations. |
| CVE-2022-47411 | | — | 0.00 | — | 0.01 | | Dec 14, 2022 | An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations. |
| CVE-2022-21126 | | — | 0.00 | — | 0.01 | | Nov 29, 2022 | The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create… |
| CVE-2022-41954 | | | 0.00 | — | 0.00 | | Nov 25, 2022 | MPXJ is an open source library to read and write project plans from a variety of file formats and databases. On Unix-like operating systems (not Windows or macos), MPXJ's use of `File.createTempFile(..)` results in temporary files being created with the permissions `-rw-r--r--`.… |
| CVE-2022-41946 | | | 0.00 | — | 0.00 | | Nov 23, 2022 | pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. This will… |
| CVE-2022-3952 | | | 0.00 | — | 0.01 | | Nov 11, 2022 | A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipulation leads to creation of temporary file in directory with insecure… |
| CVE-2022-3866 | | | 0.00 | — | 0.01 | | Nov 10, 2022 | HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2. |
| CVE-2022-39315 | | | 0.00 | — | 0.01 | | Oct 25, 2022 | Kirby is a Content Management System. Prior to versions 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1, a user enumeration vulnerability affects all Kirby sites with user accounts unless Kirby's API and Panel are disabled in the config. It can only be exploited for targeted attacks… |
| CVE-2022-40316 | | — | 0.00 | — | 0.01 | | Sep 30, 2022 | The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. |
| CVE-2022-34867 | | — | 0.00 | — | 0.01 | | Sep 6, 2022 | Unauthenticated Sensitive Information Disclosure vulnerability in WP Libre Form 2 plugin <= 2.0.8 at WordPress allows attackers to list and delete submissions. Affects only versions from 2.0.0 to 2.0.8. |
| CVE-2021-3859 | | — | 0.00 | — | 0.01 | | Aug 26, 2022 | A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks. |
| CVE-2022-35936 | | — | 0.00 | — | 0.01 | | Aug 5, 2022 | Ethermint is an Ethereum library. In Ethermint running versions before `v0.17.2`, the contract `selfdestruct` invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the `DeleteAccount` function, all contracts that… |
| CVE-2022-36901 | | — | 0.00 | — | 0.01 | | Jul 27, 2022 | Jenkins HTTP Request Plugin 1.15 and earlier stores HTTP Request passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. |
| CVE-2022-30187 | | — | 0.00 | — | 0.01 | | Jul 12, 2022 | Azure Storage Library Information Disclosure Vulnerability |
| CVE-2022-29247 | | | 0.00 | — | 0.01 | | Jun 13, 2022 | Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with… |