Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-668 (将资源暴露给错误范围) — Vulnerability Class 126

126 vulnerabilities classified as CWE-668 (将资源暴露给错误范围). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-3670 Codesys: Vulnerability in CODESYS Development System and CODESYS Scripting — CODESYS Development System 7.3 High2023-07-28
CVE-2023-34189 Apache InLong: General user can delete and update process — Apache InLong 9.1 -2023-07-25
CVE-2023-35696 SICK ICR890-4 安全漏洞 — ICR890-4 7.5 High2023-07-10
CVE-2023-34114 Zoom Client 安全漏洞 — Zoom for Windows Client 7.4 High2023-06-13
CVE-2023-31103 Apache InLong: Attackers can change the immutable name and type of cluster — Apache InLong 8.2 -2023-05-22
CVE-2023-31206 Apache InLong: Attackers can change the immutable name and type of nodes — Apache InLong 8.2 -2023-05-22
CVE-2023-27976 Schneider Electric EcoStruxure Control Expert 安全漏洞 — EcoStruxure Control Expert 8.8 High2023-04-18
CVE-2023-29208 Data leak through deleted documents — xwiki-platform 7.5 High2023-04-15
CVE-2023-26458 Information Disclosure vulnerability in SAP Landscape Management — Landscape Management 6.8 Medium2023-04-11
CVE-2023-29192 SilverwareGames.io users with access to the game upload panel are able to edit download links for games uploaded by other developers — silverwaregames-io-issue-tracker 2.7 Low2023-04-10
CVE-2023-28433 Minio Privilege Escalation on Windows via Path separator manipulation — minio 8.8 High2023-03-22
CVE-2023-24523 SAP Host Agent 安全漏洞 — Host Agent Service 8.8 High2023-02-14
CVE-2022-46756 Dell VxRail 安全漏洞 — VxRail HCI 8.2 High2023-02-01
CVE-2022-22732 Schneider Electric EcoStruxure Power Commission 安全漏洞 — EcoStruxure Power Commission 3.9 Low2023-01-30
CVE-2022-45438 Apache Superset: Dashboard metadata information leak — Apache Superset 5.3 -2023-01-16
CVE-2022-45935 Apache James server: Temporary File Information Disclosure — Apache James server 5.5 -2023-01-06
CVE-2022-31596 SAP BusinessObjects Business Intelligence Platform 安全漏洞 — SAP Business Objects Platform (Monitoring DB) 6.7 -2022-12-12
CVE-2022-3866 Nomad Workload Identity Token Can List Non-sensitive Metadata for Paths Under nomad/ — Nomad 5.0 Medium2022-11-10
CVE-2022-41874 Tauri Filesystem Scope can be Partially Bypassed — tauri 2.6 Low2022-11-10
CVE-2022-39015 SAP BusinessObjects Business Intelligence Platform 安全漏洞 — SAP BusinessObjects Business Intelligence Platform (AdminTools/Query Builder) 6.5 -2022-10-11
CVE-2022-35936 Ethermint DoS through Unintended Contract Selfdestruct — ethermint 8.2 High2022-08-05
CVE-2022-32249 SAP S/4HANA 和 SAP Business One 安全漏洞 — SAP Business one 7.5 -2022-07-12
CVE-2022-32530 Schneider Electric Geo SCADA Mobile 安全漏洞 — Geo SCADA Mobile 4.8 Medium2022-06-24
CVE-2022-29247 Exposure of Resource to Wrong Sphere in Electron — electron 2.2 Low2022-06-13
CVE-2022-1467 AVEVA InTouch Access Anywhere Exposure of Resource to Wrong Sphere — AVEVA InTouch Access Anywhere 7.4 High2022-05-23
CVE-2022-24823 Local Information Disclosure Vulnerability in io.netty:netty-codec-http — netty 5.5 Medium2022-05-06
CVE-2022-22515 A component of the CODESYS Control runtime system allows read and write access to configuration files — CODESYS Control RTE (SL) 8.1 High2022-04-07
CVE-2022-21947 rancher desktop: Dashboard API is network accessible — Rancher 8.3 High2022-04-01
CVE-2022-21718 Renderers can obtain access to random bluetooth device without permission in Electron — electron 3.4 Low2022-03-22
CVE-2022-24074 Naver Whale Browser 安全漏洞 — NAVER Whale browser 9.8 -2022-03-17

Vulnerabilities classified as CWE-668 (将资源暴露给错误范围) represent 126 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.