CWE-668
DiscouragedExposure of Resource to Wrong Sphere
Abstraction: Class · Status: Draft
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
1248 vulnerabilities reference this CWE, most recent first.
GHSA-4X87-37H3-GRRR
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-07-13 00:01A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. HPE has provided an update to OneView Global Dashboard. The issue is resolved in 2.32.
{
"affected": [],
"aliases": [
"CVE-2021-26585"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-24T12:15:00Z",
"severity": "MODERATE"
},
"details": "A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. HPE has provided an update to OneView Global Dashboard. The issue is resolved in 2.32.",
"id": "GHSA-4x87-37h3-grrr",
"modified": "2022-07-13T00:01:11Z",
"published": "2022-05-24T19:06:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26585"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf04162en_us"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4XCQ-3FJF-XFQW
Vulnerability from github – Published: 2025-08-20 15:31 – Updated: 2025-09-25 18:30A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled. This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.
{
"affected": [],
"aliases": [
"CVE-2025-9074"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-20T14:15:49Z",
"severity": "CRITICAL"
},
"details": "A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the \"Expose daemon on tcp://localhost:2375 without TLS\" option enabled.\nThis can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.",
"id": "GHSA-4xcq-3fjf-xfqw",
"modified": "2025-09-25T18:30:30Z",
"published": "2025-08-20T15:31:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9074"
},
{
"type": "WEB",
"url": "https://blog.qwertysecurity.com/Articles/blog3"
},
{
"type": "WEB",
"url": "https://blog.qwertysecurity.com/Articles/blog3.html"
},
{
"type": "WEB",
"url": "https://docs.docker.com/desktop/release-notes/#4443"
},
{
"type": "WEB",
"url": "https://pvotal.tech/breaking-dockers-isolation-using-docker-cve-2025-9074"
},
{
"type": "WEB",
"url": "https://www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-9074-detect-docker-desktop-vulnerability"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-9074-mitigate-docker-desktop-vulnerability"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-4XMC-28V8-F8CV
Vulnerability from github – Published: 2022-05-13 01:43 – Updated: 2022-05-13 01:43An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.
{
"affected": [],
"aliases": [
"CVE-2017-15592"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-18T08:29:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of service (hypervisor crash) or possibly gain privileges because self-linear shadow mappings are mishandled for translated guests.",
"id": "GHSA-4xmc-28v8-f8cv",
"modified": "2022-05-13T01:43:48Z",
"published": "2022-05-13T01:43:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15592"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00027.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00021.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201801-14"
},
{
"type": "WEB",
"url": "https://support.citrix.com/article/CTX228867"
},
{
"type": "WEB",
"url": "https://support.citrix.com/article/CTX230138"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-4050"
},
{
"type": "WEB",
"url": "https://xenbits.xen.org/xsa/advisory-243.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101513"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102129"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039568"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-5267-2G9R-5CQX
Vulnerability from github – Published: 2022-07-22 00:00 – Updated: 2022-07-27 00:00Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.
{
"affected": [],
"aliases": [
"CVE-2022-31475"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-21T18:15:00Z",
"severity": "MODERATE"
},
"details": "Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP\u0027s GiveWP plugin \u003c= 2.20.2 at WordPress.",
"id": "GHSA-5267-2g9r-5cqx",
"modified": "2022-07-27T00:00:39Z",
"published": "2022-07-22T00:00:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31475"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-20-2-authenticated-arbitrary-file-read-via-export-function-vulnerability"
},
{
"type": "WEB",
"url": "https://wordpress.org/plugins/give/#developers"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-52F4-H455-6W3R
Vulnerability from github – Published: 2026-06-13 00:34 – Updated: 2026-06-13 00:34OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context to child models.
{
"affected": [],
"aliases": [
"CVE-2026-53826"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-12T22:16:53Z",
"severity": "LOW"
},
"details": "OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context to child models.",
"id": "GHSA-52f4-h455-6w3r",
"modified": "2026-06-13T00:34:32Z",
"published": "2026-06-13T00:34:31Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-6c4r-g249-wv3c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53826"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/openclaw-information-disclosure-via-sandboxed-session-spawn"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-53WJ-WWHG-8J4V
Vulnerability from github – Published: 2022-04-23 00:03 – Updated: 2022-04-30 00:00IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report pages that they should not have access to. IBM X-Force ID: 209697.
{
"affected": [],
"aliases": [
"CVE-2021-38905"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-04-22T17:15:00Z",
"severity": "MODERATE"
},
"details": "IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 could allow an authenticated user to view report pages that they should not have access to. IBM X-Force ID: 209697.",
"id": "GHSA-53wj-wwhg-8j4v",
"modified": "2022-04-30T00:00:44Z",
"published": "2022-04-23T00:03:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38905"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209697"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220602-0003"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/6570957"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-5429-PJWW-7675
Vulnerability from github – Published: 2022-01-08 00:43 – Updated: 2023-08-08 20:44Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Kylin server processes. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.kylin:kylin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-36774"
],
"database_specific": {
"cwe_ids": [
"CWE-668",
"CWE-89"
],
"github_reviewed": true,
"github_reviewed_at": "2022-01-07T23:19:03Z",
"nvd_published_at": "2022-01-06T13:15:00Z",
"severity": "MODERATE"
},
"details": "Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker to execute arbitrary code from a hacker-controlled malicious MySQL server within Kylin server processes. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions.",
"id": "GHSA-5429-pjww-7675",
"modified": "2023-08-08T20:44:51Z",
"published": "2022-01-08T00:43:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36774"
},
{
"type": "WEB",
"url": "https://github.com/apache/kylin/pull/1646"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/kylin"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/lchpcvoolc6w8zc6vo1wstk8zbfqv2ow"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/01/06/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "SQL Injection in Apache Kylin"
}
GHSA-54FP-2G66-5C89
Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2023-11-07 00:30Remote Procedure Call Information Disclosure Vulnerability
{
"affected": [],
"aliases": [
"CVE-2023-36596"
],
"database_specific": {
"cwe_ids": [
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-10T18:15:14Z",
"severity": "HIGH"
},
"details": "Remote Procedure Call Information Disclosure Vulnerability",
"id": "GHSA-54fp-2g66-5c89",
"modified": "2023-11-07T00:30:31Z",
"published": "2023-10-10T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36596"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36596"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-54R9-6X6G-2VFV
Vulnerability from github – Published: 2022-12-25 06:30 – Updated: 2023-01-06 21:30Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210). The fixed versions are firmware version 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and firmware version 15.00 (ZMM200-220-210).
{
"affected": [],
"aliases": [
"CVE-2022-42953"
],
"database_specific": {
"cwe_ids": [
"CWE-425",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-25T05:15:00Z",
"severity": "HIGH"
},
"details": "Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive information via direct requests for the form/DataApp?style=1 and form/DataApp?style=0 URLs. The affected versions may be before 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210). The fixed versions are firmware version 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and firmware version 15.00 (ZMM200-220-210).",
"id": "GHSA-54r9-6x6g-2vfv",
"modified": "2023-01-06T21:30:41Z",
"published": "2022-12-25T06:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42953"
},
{
"type": "WEB",
"url": "https://seclists.org/fulldisclosure/2022/Oct/23"
},
{
"type": "WEB",
"url": "https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-55C8-6R36-9G85
Vulnerability from github – Published: 2022-07-13 00:00 – Updated: 2022-07-28 00:00Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
{
"affected": [],
"aliases": [
"CVE-2022-29901"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-12T19:15:00Z",
"severity": "MODERATE"
},
"details": "Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.",
"id": "GHSA-55c8-6r36-9g85",
"modified": "2022-07-28T00:00:44Z",
"published": "2022-07-13T00:00:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29901"
},
{
"type": "WEB",
"url": "https://comsec.ethz.ch/retbleed"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202402-07"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221007-0007"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5207"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html"
},
{
"type": "WEB",
"url": "https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/07/12/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/07/12/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/07/12/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/07/13/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.