CWE-669
Allowed-with-ReviewIncorrect Resource Transfer Between Spheres
Abstraction: Class · Status: Draft
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.
144 vulnerabilities reference this CWE, most recent first.
GHSA-C4J8-5XV4-XCXH
Vulnerability from github – Published: 2022-05-24 19:09 – Updated: 2022-09-15 00:00In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.
{
"affected": [],
"aliases": [
"CVE-2021-34574"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-02T11:15:00Z",
"severity": "MODERATE"
},
"details": "In MB connect line mymbCONNECT24, mbCONNECT24 in versions \u003c= 2.8.0 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.",
"id": "GHSA-c4j8-5xv4-xcxh",
"modified": "2022-09-15T00:00:21Z",
"published": "2022-05-24T19:09:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34574"
},
{
"type": "WEB",
"url": "https://cert.vde.com/de-de/advisories/vde-2021-030"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en/advisories/VDE-2021-030"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en/advisories/VDE-2022-039"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-CFX3-M5FR-8C98
Vulnerability from github – Published: 2022-05-24 17:39 – Updated: 2022-05-24 17:39In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy.
{
"affected": [],
"aliases": [
"CVE-2020-27268"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-01-19T22:15:00Z",
"severity": "MODERATE"
},
"details": "In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy.",
"id": "GHSA-cfx3-m5fr-8c98",
"modified": "2022-05-24T17:39:27Z",
"published": "2022-05-24T17:39:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27268"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-21-012-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-F3JF-WGCF-HQJR
Vulnerability from github – Published: 2025-09-19 00:30 – Updated: 2025-09-19 00:30PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software (e.g., UFW, container engines, or system security policies). Upon VPN disconnect, the original firewall state is not restored. As a result, the system may become unintentionally exposed to network traffic that was previously blocked. This affects CLI 2.0.1 and GUI 2.10.0.
{
"affected": [],
"aliases": [
"CVE-2025-59692"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-18T23:15:34Z",
"severity": "LOW"
},
"details": "PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system\u0027s existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software (e.g., UFW, container engines, or system security policies). Upon VPN disconnect, the original firewall state is not restored. As a result, the system may become unintentionally exposed to network traffic that was previously blocked. This affects CLI 2.0.1 and GUI 2.10.0.",
"id": "GHSA-f3jf-wgcf-hqjr",
"modified": "2025-09-19T00:30:58Z",
"published": "2025-09-19T00:30:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59692"
},
{
"type": "WEB",
"url": "https://anagogistis.com/posts/purevpn-ipv6-leak"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-FG2Q-V428-2GPH
Vulnerability from github – Published: 2022-05-24 16:44 – Updated: 2022-11-22 19:37Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.vorto:org.eclipse.vorto.core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.11.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-10248"
],
"database_specific": {
"cwe_ids": [
"CWE-494",
"CWE-669",
"CWE-829"
],
"github_reviewed": true,
"github_reviewed_at": "2022-11-22T19:37:26Z",
"nvd_published_at": "2019-04-22T21:29:00Z",
"severity": "HIGH"
},
"details": "Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of Vorto might be infected.",
"id": "GHSA-fg2q-v428-2gph",
"modified": "2022-11-22T19:37:26Z",
"published": "2022-05-24T16:44:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10248"
},
{
"type": "WEB",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=546622"
},
{
"type": "PACKAGE",
"url": "https://github.com/eclipse/vorto"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Eclipse Vorto resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS"
}
GHSA-G4H2-2GP2-J3WQ
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message.
{
"affected": [],
"aliases": [
"CVE-2026-48845"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-25T20:16:37Z",
"severity": "MODERATE"
},
"details": "In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x before 1.7.1, remote image blocking was not honored for URLs pointing to local/private destinations, which may lead to information disclosure or privilege escalation via a text/html email message.",
"id": "GHSA-g4h2-2gp2-j3wq",
"modified": "2026-05-26T13:30:49Z",
"published": "2026-05-26T13:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48845"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/7b52353653a67e6073b97d70eb94047132b78556"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/d82b8c6cd06c378eca6d647ccd548f4ff1c68659"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.16"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.7.1"
},
{
"type": "WEB",
"url": "https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-G4HC-RPR7-VVCR
Vulnerability from github – Published: 2022-01-22 00:00 – Updated: 2022-09-01 00:00Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.
{
"affected": [],
"aliases": [
"CVE-2021-36338"
],
"database_specific": {
"cwe_ids": [
"CWE-565",
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-21T21:15:00Z",
"severity": "HIGH"
},
"details": "Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability. An adjacent malicious user could potentially exploit this vulnerability to escalate their privileges and access functionalities they do not have access to.",
"id": "GHSA-g4hc-rpr7-vvcr",
"modified": "2022-09-01T00:00:17Z",
"published": "2022-01-22T00:00:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36338"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/000194640"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-G6WH-H8P9-V37J
Vulnerability from github – Published: 2022-04-30 18:18 – Updated: 2022-04-30 18:18SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.
{
"affected": [],
"aliases": [
"CVE-2002-0055"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2002-03-08T05:00:00Z",
"severity": "MODERATE"
},
"details": "SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote attackers to cause a denial of service via a command with a malformed data transfer (BDAT) request.",
"id": "GHSA-g6wh-h8p9-v37j",
"modified": "2022-04-30T18:18:27Z",
"published": "2022-04-30T18:18:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0055"
},
{
"type": "WEB",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-012"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A30"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=101558498401274\u0026w=2"
},
{
"type": "WEB",
"url": "http://www.iss.net/security_center/static/8307.php"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/4204"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-GFW5-R5R2-FV73
Vulnerability from github – Published: 2025-08-03 18:32 – Updated: 2025-11-25 09:31The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request.
{
"affected": [],
"aliases": [
"CVE-2025-54956"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-03T18:15:25Z",
"severity": "LOW"
},
"details": "The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request.",
"id": "GHSA-gfw5-r5r2-fv73",
"modified": "2025-11-25T09:31:22Z",
"published": "2025-08-03T18:32:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54956"
},
{
"type": "WEB",
"url": "https://github.com/r-lib/gh/issues/222"
},
{
"type": "WEB",
"url": "https://github.com/r-lib/gh/commit/b575d488c71318449cc6c8c989c617db29275848"
},
{
"type": "WEB",
"url": "https://github.com/r-lib/gh/compare/v1.4.1...v1.5.0"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/11/msg00021.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GRJH-583F-V73H
Vulnerability from github – Published: 2026-04-10 18:31 – Updated: 2026-05-05 03:31In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set.
{
"affected": [],
"aliases": [
"CVE-2026-40228"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-10T16:16:33Z",
"severity": "LOW"
},
"details": "In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a \"logger -p emerg\" command is executed, if ForwardToWall=yes is set.",
"id": "GHSA-grjh-583f-v73h",
"modified": "2026-05-05T03:31:39Z",
"published": "2026-04-10T18:31:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40228"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2026/04/08/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/05/05/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GVXV-5FP2-358Q
Vulnerability from github – Published: 2019-09-11 23:08 – Updated: 2022-11-17 18:24In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http). If the build occurred over an insecure connection, a malicious user could have perform a Man-in-the-Middle attack during the build and alter the build artifacts that were produced. In case that any of these artifacts were compromised, any developers using these could be altered. Note: In order to validate that this artifact was not compromised, the maintainer would need to confirm that none of the artifacts published to the registry were not altered with. Until this happens, we can not guarantee that this artifact was not compromised even though the probability that this happened is low.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.diffplug.spotless:spotless-eclipse-wtp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.9.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "com.diffplug.spotless:spotless-eclipse-cdt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "com.diffplug.spotless:spotless-eclipse-groovy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-10753"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": true,
"github_reviewed_at": "2019-09-11T22:56:33Z",
"nvd_published_at": "2019-09-05T20:15:00Z",
"severity": "MODERATE"
},
"details": "In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel (http). If the build occurred over an insecure connection, a malicious user could have perform a Man-in-the-Middle attack during the build and alter the build artifacts that were produced. In case that any of these artifacts were compromised, any developers using these could be altered. **Note:** In order to validate that this artifact was not compromised, the maintainer would need to confirm that none of the artifacts published to the registry were not altered with. Until this happens, we can not guarantee that this artifact was not compromised even though the probability that this happened is low.",
"id": "GHSA-gvxv-5fp2-358q",
"modified": "2022-11-17T18:24:26Z",
"published": "2019-09-11T23:08:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10753"
},
{
"type": "WEB",
"url": "https://github.com/diffplug/spotless/issues/360"
},
{
"type": "PACKAGE",
"url": "https://github.com/diffplug/spotless"
},
{
"type": "WEB",
"url": "https://snyk.io/vuln/SNYK-JAVA-COMDIFFPLUGSPOTLESS-460377"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Incorrect Resource Transfer Between Spheres in eclipse-wtp"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.