Common Weakness Enumeration

CWE-669

Allowed-with-Review

Incorrect Resource Transfer Between Spheres

Abstraction: Class · Status: Draft

The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.

144 vulnerabilities reference this CWE, most recent first.

GHSA-XFP8-8C2H-HG4Q

Vulnerability from github – Published: 2023-06-07 21:30 – Updated: 2024-04-04 04:39
VLAI
Details

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-31114"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-669"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-07T21:15:13Z",
    "severity": "CRITICAL"
  },
  "details": "An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.",
  "id": "GHSA-xfp8-8c2h-hg4q",
  "modified": "2024-04-04T04:39:54Z",
  "published": "2023-06-07T21:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31114"
    },
    {
      "type": "WEB",
      "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XPQH-GRPW-4XMG

Vulnerability from github – Published: 2026-04-03 06:31 – Updated: 2026-04-04 06:57
VLAI
Summary
Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages
Details

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "roundcube/roundcubemail"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.7-beta"
            },
            {
              "fixed": "1.7-rc5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-35544"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-669"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-04T06:57:38Z",
    "nvd_published_at": "2026-04-03T05:16:22Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important.",
  "id": "GHSA-xpqh-grpw-4xmg",
  "modified": "2026-04-04T06:57:38Z",
  "published": "2026-04-03T06:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35544"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/commit/099009b9c8e1d3c636fb9a5af72f7c2596018662"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/commit/226811a1c974271dbedca72672923abaff8191c0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/commit/57dec0c127b98e0c8e3b9c26c80049b9c4bcaea7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/roundcube/roundcubemail"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.5.14"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.14"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5"
    },
    {
      "type": "WEB",
      "url": "https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages"
}

GHSA-XWHF-R489-W73V

Vulnerability from github – Published: 2023-04-13 18:30 – Updated: 2024-04-04 03:27
VLAI
Details

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-22950"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-669"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-13T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.",
  "id": "GHSA-xwhf-r489-w73v",
  "modified": "2024-04-04T03:27:07Z",
  "published": "2023-04-13T18:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22950"
    },
    {
      "type": "WEB",
      "url": "https://dev.tigergraph.com/forum/c/tg-community/announcements/35"
    },
    {
      "type": "WEB",
      "url": "https://neo4j.com/security/cve-2023-22950"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-XX87-33V7-6X23

Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30
VLAI
Details

In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var() value in an e-mail message, which may lead to information disclosure or access-control bypass.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-48846"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-669"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-25T20:16:37Z",
    "severity": "MODERATE"
  },
  "details": "In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var() value in an e-mail message, which may lead to information disclosure or access-control bypass.",
  "id": "GHSA-xx87-33v7-6x23",
  "modified": "2026-05-26T13:30:49Z",
  "published": "2026-05-26T13:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48846"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/commit/59cca80908a61e662c5f81741449e9aeb91e8abe"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/commit/852350486b88b35b8544e8a630fad89e99e2150a"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.16"
    },
    {
      "type": "WEB",
      "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.7.1"
    },
    {
      "type": "WEB",
      "url": "https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.