CWE-669
Incorrect Resource Transfer Between Spheres
Abstraction: Class | Status: Draft
Description
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.
Hierarchy (View 1000)
CVEs mapped to this weakness (31)
Page 2 of 2

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-59691 | Low | 0.24 | 3.7 | 0.00 | | Sep 18, 2025 | PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In the GUI client, the IPv6 connection remains functional after disconnection until the user clicks Reconnect. In both cases, the real IPv6 address is exposed to external services, violating user privacy and defeating the advertised IPv6 leak protection. This affects CLI 2.0.1 and GUI 2.10.0. |
| CVE-2025-54352 | Low | 0.24 | 3.7 | 0.00 | | Jul 21, 2025 | WordPress 3.5 through 6.8.2 allows remote attackers to guess titles of private and draft posts via pingback.ping XML-RPC requests. NOTE: the Supplier is not changing this behavior. |
| CVE-2025-56675 | Low | 0.23 | 3.5 | 0.00 | | Sep 30, 2025 | The EKEN video doorbell T6 BT60PLUS_MAIN_V1.0_GC1084_20230531 periodically sends debug logs to the EKEN cloud servers with sensitive information such as the Wi-Fi SSID and password. |
| CVE-2026-32772 | Low | 0.22 | 3.4 | 0.00 | | Mar 16, 2026 | telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR. |
| CVE-2025-59453 | Low | 0.21 | 3.2 | 0.00 | | Sep 16, 2025 | Click Studios Passwordstate before 9.9 Build 9972 has a potential authentication bypass for Passwordstate emergency access. By using a crafted URL while on the Emergency Access web page, an unauthorized person can gain access to the Passwordstate Administration section. |
| CVE-2026-40228 | Low | 0.19 | 2.9 | 0.00 | | Apr 10, 2026 | In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set. |
| CVE-2024-31573 | Med | 0.19 | 4.0 | 0.00 | | Oct 17, 2025 | XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet (used for an XSLT transformation), because XSLT extension functions are enabled. |
| CVE-2025-26698 | Low | 0.18 | 2.7 | 0.00 | | Feb 26, 2025 | Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the product. |
| CVE-2025-54956 | Low | 0.14 | 3.2 | 0.00 | | Aug 3, 2025 | The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request. |
| CVE-2002-0055 | | 0.04 | — | 0.48 | | Mar 8, 2002 | SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request. |
| CVE-2004-0872 | | 0.00 | — | 0.01 | | Sep 16, 2004 | Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection." |