Common Weakness Enumeration

CWE-668

Discouraged

Exposure of Resource to Wrong Sphere

Abstraction: Class · Status: Draft

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

1252 vulnerabilities reference this CWE, most recent first.

GHSA-H4M4-PGP4-WHGM

Vulnerability from github – Published: 2021-07-02 19:19 – Updated: 2022-10-25 20:25
VLAI
Summary
The reset password form reveal users email address
Details

Impact

The reset password form reveals the email address of users just by giving their username.

Patches

The problem has been patched on XWiki 13.2RC1.

Workarounds

It's possible to manually modify the resetpasswordinline.vm to perform the changes made in https://github.com/xwiki/xwiki-platform/commit/0cf716250b3645a5974c80d8336dcdf885749dff#diff-14a3132e3986b1f5606dd13d9d8a8bb8634bec9932123c5e49e9604cfd850fc2

References

https://jira.xwiki.org/browse/XWIKI-18400

For more information

If you have any questions or comments about this advisory: * Open an issue in Jira XWiki * Email us at Security ML

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.xwiki.platform:xwiki-platform-web"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "13.1"
            },
            {
              "fixed": "13.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-32731"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-07-02T16:39:50Z",
    "nvd_published_at": "2021-07-01T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe reset password form reveals the email address of users just by giving their username.\n\n### Patches\nThe problem has been patched on XWiki 13.2RC1.\n\n### Workarounds\nIt\u0027s possible to manually modify the `resetpasswordinline.vm` to perform the changes made in https://github.com/xwiki/xwiki-platform/commit/0cf716250b3645a5974c80d8336dcdf885749dff#diff-14a3132e3986b1f5606dd13d9d8a8bb8634bec9932123c5e49e9604cfd850fc2\n\n### References\nhttps://jira.xwiki.org/browse/XWIKI-18400\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Jira XWiki](https://jira.xiwki.org)\n* Email us at [Security ML](mailto:security@xwiki.org)\n",
  "id": "GHSA-h4m4-pgp4-whgm",
  "modified": "2022-10-25T20:25:48Z",
  "published": "2021-07-02T19:19:04Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h4m4-pgp4-whgm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-32731"
    },
    {
      "type": "WEB",
      "url": "https://github.com/xwiki/xwiki-platform/commit/0cf716250b3645a5974c80d8336dcdf885749dff#diff-14a3132e3986b1f5606dd13d9d8a8bb8634bec9932123c5e49e9604cfd850fc2"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/xwiki/xwiki-platform"
    },
    {
      "type": "WEB",
      "url": "https://jira.xwiki.org/browse/XWIKI-18400"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "The reset password form reveal users email address"
}

GHSA-H57H-9X5H-V7JM

Vulnerability from github – Published: 2022-09-10 00:00 – Updated: 2022-09-15 00:00
VLAI
Details

Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-36875"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-09T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.",
  "id": "GHSA-h57h-9x5h-v7jm",
  "modified": "2022-09-15T00:00:17Z",
  "published": "2022-09-10T00:00:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36875"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=09"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/serviceWeb.smsb?year==2022\u0026month=09"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H5FG-GGGQ-X5VH

Vulnerability from github – Published: 2025-09-18 15:30 – Updated: 2026-01-27 21:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

HID: intel-ish-hid: Fix kernel panic during warm reset

During warm reset device->fw_client is set to NULL. If a bus driver is registered after this NULL setting and before new firmware clients are enumerated by ISHTP, kernel panic will result in the function ishtp_cl_bus_match(). This is because of reference to device->fw_client->props.protocol_name.

ISH firmware after getting successfully loaded, sends a warm reset notification to remove all clients from the bus and sets device->fw_client to NULL. Until kernel v5.15, all enabled ISHTP kernel module drivers were loaded right after any of the first ISHTP device was registered, regardless of whether it was a matched or an unmatched device. This resulted in all drivers getting registered much before the warm reset notification from ISH.

Starting kernel v5.16, this issue got exposed after the change was introduced to load only bus drivers for the respective matching devices. In this scenario, cros_ec_ishtp device and cros_ec_ishtp driver are registered after the warm reset device fw_client NULL setting. cros_ec_ishtp driver_register() triggers the callback to ishtp_cl_bus_match() to match ISHTP driver to the device and causes kernel panic in guid_equal() when dereferencing fw_client NULL pointer to get protocol_name.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-53392"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-18T14:15:42Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix kernel panic during warm reset\n\nDuring warm reset device-\u003efw_client is set to NULL. If a bus driver is\nregistered after this NULL setting and before new firmware clients are\nenumerated by ISHTP, kernel panic will result in the function\nishtp_cl_bus_match(). This is because of reference to\ndevice-\u003efw_client-\u003eprops.protocol_name.\n\nISH firmware after getting successfully loaded, sends a warm reset\nnotification to remove all clients from the bus and sets\ndevice-\u003efw_client to NULL. Until kernel v5.15, all enabled ISHTP kernel\nmodule drivers were loaded right after any of the first ISHTP device was\nregistered, regardless of whether it was a matched or an unmatched\ndevice. This resulted in all drivers getting registered much before the\nwarm reset notification from ISH.\n\nStarting kernel v5.16, this issue got exposed after the change was\nintroduced to load only bus drivers for the respective matching devices.\nIn this scenario, cros_ec_ishtp device and cros_ec_ishtp driver are\nregistered after the warm reset device fw_client NULL setting.\ncros_ec_ishtp driver_register() triggers the callback to\nishtp_cl_bus_match() to match ISHTP driver to the device and causes kernel\npanic in guid_equal() when dereferencing fw_client NULL pointer to get\nprotocol_name.",
  "id": "GHSA-h5fg-gggq-x5vh",
  "modified": "2026-01-27T21:31:33Z",
  "published": "2025-09-18T15:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53392"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/38518593ec55e897abda4b4be77b2ec8ec4447d1"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/45b9055a3a3ff6e8c08faad82ea36a8644a81587"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6c8cc40c588f8080a164d88336b1490279e0f1da"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H5M9-C2H6-X3RP

Vulnerability from github – Published: 2022-01-11 00:01 – Updated: 2022-01-15 00:03
VLAI
Details

In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-42749"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-10T14:10:00Z",
    "severity": "MODERATE"
  },
  "details": "In Beaver Themer, attackers can bypass conditional logic controls (for hiding content) when viewing the post archives. Exploitation requires that a Themer layout is applied to the archives, and that the post excerpt field is not set.",
  "id": "GHSA-h5m9-c2h6-x3rp",
  "modified": "2022-01-15T00:03:32Z",
  "published": "2022-01-11T00:01:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42749"
    },
    {
      "type": "WEB",
      "url": "https://docs.wpbeaverbuilder.com/beaver-builder/developer/conditionally-hidden-content"
    },
    {
      "type": "WEB",
      "url": "https://tekfused.com/tek/vulnerability-research/beaver-builder-vulnerabilities-visibility-conditional-logic-cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-H5WH-7H2J-H999

Vulnerability from github – Published: 2022-04-15 00:00 – Updated: 2022-04-26 13:04
VLAI
Summary
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon
Details

SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "Simple-Wayland-HotKey-Daemon"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.1.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-27817"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-04-26T13:04:22Z",
    "nvd_published_at": "2022-04-14T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "SWHKD 1.1.5 consumes the keyboard events of unintended users. This could potentially cause an information leak, but is usually a denial of functionality.",
  "id": "GHSA-h5wh-7h2j-h999",
  "modified": "2022-04-26T13:04:22Z",
  "published": "2022-04-15T00:00:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27817"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/waycrate/swhkd"
    },
    {
      "type": "WEB",
      "url": "https://github.com/waycrate/swhkd/releases"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2022/04/14/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon"
}

GHSA-H6G2-MC2X-J8WM

Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-07-13 00:01
VLAI
Details

muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-37601"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-30T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.",
  "id": "GHSA-h6g2-mc2x-j8wm",
  "modified": "2022-07-13T00:01:34Z",
  "published": "2022-05-24T19:09:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37601"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7BZRRPCNOETB4MN4XSYPRBBKDIHO27DY"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EMKIOEP2CYWHVVUCNWISPE4AGH4IR7O2"
    },
    {
      "type": "WEB",
      "url": "https://prosody.im"
    },
    {
      "type": "WEB",
      "url": "https://prosody.im/security/advisory_20210722"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2021/07/28/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H732-87V7-7449

Vulnerability from github – Published: 2024-12-25 18:30 – Updated: 2024-12-25 18:30
VLAI
Details

Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-52543"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-378",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-25T16:15:22Z",
    "severity": "MODERATE"
  },
  "details": "Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.",
  "id": "GHSA-h732-87v7-7449",
  "modified": "2024-12-25T18:30:45Z",
  "published": "2024-12-25T18:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52543"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000258904/dsa-2024-488-security-update-for-dell-nativeedge-multiple-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H872-JXR7-Q7RJ

Vulnerability from github – Published: 2022-02-15 00:02 – Updated: 2023-08-08 15:31
VLAI
Details

** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-45421"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-14T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced.",
  "id": "GHSA-h872-jxr7-q7rj",
  "modified": "2023-08-08T15:31:43Z",
  "published": "2022-02-15T00:02:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45421"
    },
    {
      "type": "WEB",
      "url": "https://www.swascan.com/emerson"
    },
    {
      "type": "WEB",
      "url": "http://dixell.com"
    },
    {
      "type": "WEB",
      "url": "http://emerson.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H8G5-2596-XJH9

Vulnerability from github – Published: 2025-03-27 15:31 – Updated: 2025-03-28 18:33
VLAI
Details

Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild. This only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 136.0.4, Firefox ESR < 128.8.1, and Firefox ESR < 115.21.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2857"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-27T14:15:55Z",
    "severity": "CRITICAL"
  },
  "details": "Following the sandbox escape in CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. Attackers were able to confuse the parent process into leaking handles to unprivileged child processes leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 136.0.4, Firefox ESR \u003c 128.8.1, and Firefox ESR \u003c 115.21.1.",
  "id": "GHSA-h8g5-2596-xjh9",
  "modified": "2025-03-28T18:33:09Z",
  "published": "2025-03-27T15:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2857"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1956398"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/405143032"
    },
    {
      "type": "WEB",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2025-19"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-H8M9-2C4V-J2JX

Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2022-05-24 17:43
VLAI
Details

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-23958"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-668"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-26T03:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox \u003c 85.",
  "id": "GHSA-h8m9-2c4v-j2jx",
  "modified": "2022-05-24T17:43:11Z",
  "published": "2022-05-24T17:43:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23958"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1642747"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/security/advisories/mfsa2021-03"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.