CWE-669
Allowed-with-ReviewIncorrect Resource Transfer Between Spheres
Abstraction: Class · Status: Draft
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.
144 vulnerabilities reference this CWE, most recent first.
GHSA-7H4F-H4V7-62J6
Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The log out function in the application removes the user's session only on the client side. This may allow an attacker to bypass protection mechanisms, gain privileges, or assume the identity of an authenticated user.
{
"affected": [],
"aliases": [
"CVE-2017-14013"
],
"database_specific": {
"cwe_ids": [
"CWE-602",
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-10-17T22:29:00Z",
"severity": "MODERATE"
},
"details": "A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The log out function in the application removes the user\u0027s session only on the client side. This may allow an attacker to bypass protection mechanisms, gain privileges, or assume the identity of an authenticated user.",
"id": "GHSA-7h4f-h4v7-62j6",
"modified": "2022-05-13T01:37:39Z",
"published": "2022-05-13T01:37:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14013"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-285-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101259"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-7R4W-V667-C6CR
Vulnerability from github – Published: 2024-07-30 09:32 – Updated: 2024-08-02 15:31In the Linux kernel, the following vulnerability has been resolved:
s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings
Replace memzero_explicit() and kfree() with kfree_sensitive() to fix warnings reported by Coccinelle:
WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643) WARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770)
{
"affected": [],
"aliases": [
"CVE-2024-42158"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-30T08:15:07Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pkey: Use kfree_sensitive() to fix Coccinelle warnings\n\nReplace memzero_explicit() and kfree() with kfree_sensitive() to fix\nwarnings reported by Coccinelle:\n\nWARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1506)\nWARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1643)\nWARNING opportunity for kfree_sensitive/kvfree_sensitive (line 1770)",
"id": "GHSA-7r4w-v667-c6cr",
"modified": "2024-08-02T15:31:17Z",
"published": "2024-07-30T09:32:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42158"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/22e6824622e8a8889df0f8fc4ed5aea0e702a694"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/62151a0acde90823bdfa991d598c85cf4b1d387d"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-7WP3-3RR7-485G
Vulnerability from github – Published: 2025-08-21 15:30 – Updated: 2026-01-02 18:30Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified security vulnerability reported via Plex’s bug bounty program. While technical details have not been publicly disclosed, the issue was acknowledged by the vendor and resolved in version 1.42.1. The vulnerability may have posed a risk to system integrity, confidentiality, or availability, prompting a strong recommendation for all users to upgrade immediately.
{
"affected": [],
"aliases": [
"CVE-2025-34158"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-21T14:15:39Z",
"severity": "CRITICAL"
},
"details": "Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified security vulnerability reported via Plex\u2019s bug bounty program. While technical details have not been publicly disclosed, the issue was acknowledged by the vendor and resolved in version 1.42.1. The vulnerability may have posed a risk to system integrity, confidentiality, or availability, prompting a strong recommendation for all users to upgrade immediately.",
"id": "GHSA-7wp3-3rr7-485g",
"modified": "2026-01-02T18:30:19Z",
"published": "2025-08-21T15:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34158"
},
{
"type": "WEB",
"url": "https://forums.plex.tv/t/plex-media-server-security-update/928341"
},
{
"type": "WEB",
"url": "https://github.com/lufinkey/vulnerability-research/blob/main/CVE-2025-34158/README.md"
},
{
"type": "WEB",
"url": "https://github.com/lufinkey/vulnerability-research/tree/main/CVE-2025-34158"
},
{
"type": "WEB",
"url": "https://www.bleepingcomputer.com/news/security/plex-warns-users-to-patch-security-vulnerability-immediately"
},
{
"type": "WEB",
"url": "https://www.plex.tv/media-server-downloads"
},
{
"type": "WEB",
"url": "https://www.runzero.com/blog/plex"
},
{
"type": "WEB",
"url": "https://www.tenable.com/plugins/nessus/250294"
},
{
"type": "WEB",
"url": "https://www.vulncheck.com/advisories/plex-media-server-unspecified"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-7XCV-HWP5-79FX
Vulnerability from github – Published: 2022-12-13 12:30 – Updated: 2024-04-04 03:13PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.
{
"affected": [],
"aliases": [
"CVE-2022-4446"
],
"database_specific": {
"cwe_ids": [
"CWE-669",
"CWE-98"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-13T12:15:00Z",
"severity": "CRITICAL"
},
"details": "PHP Remote File Inclusion in GitHub repository tsolucio/corebos prior to 8.0.",
"id": "GHSA-7xcv-hwp5-79fx",
"modified": "2024-04-04T03:13:27Z",
"published": "2022-12-13T12:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4446"
},
{
"type": "WEB",
"url": "https://github.com/tsolucio/corebos/commit/8035e725ecb397348bd50545e90975b699e4f9f2"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/718f1be6-3834-4ef2-8134-907a52009894"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-83WH-H8H8-HXQ9
Vulnerability from github – Published: 2022-04-23 00:40 – Updated: 2024-04-03 23:49FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.
{
"affected": [],
"aliases": [
"CVE-2012-2979"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-11-01T15:15:00Z",
"severity": "HIGH"
},
"details": "FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.",
"id": "GHSA-83wh-h8h8-hxq9",
"modified": "2024-04-03T23:49:26Z",
"published": "2022-04-23T00:40:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2979"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-2979"
},
{
"type": "WEB",
"url": "https://vuxml.freebsd.org/freebsd/17f369dc-d7e7-11e1-90a2-000c299b62e1.html"
},
{
"type": "WEB",
"url": "https://www.tenable.com/plugins/nessus/60150"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-862P-MJJ9-4WCQ
Vulnerability from github – Published: 2022-01-15 00:01 – Updated: 2022-01-15 00:01A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote attacker to elevate their privileges to Administrator. This vulnerability is due to the lack of server-side validation of user permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to a vulnerable system. A successful exploit could allow the attacker to create Administrator accounts. With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP. To successfully exploit this vulnerability, an attacker would need valid Advanced User credentials.
{
"affected": [],
"aliases": [
"CVE-2022-20658"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-01-14T05:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote attacker to elevate their privileges to Administrator. This vulnerability is due to the lack of server-side validation of user permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to a vulnerable system. A successful exploit could allow the attacker to create Administrator accounts. With these accounts, the attacker could access and modify telephony and user resources across all the Unified platforms that are associated to the vulnerable Cisco Unified CCMP. To successfully exploit this vulnerability, an attacker would need valid Advanced User credentials.",
"id": "GHSA-862p-mjj9-4wcq",
"modified": "2022-01-15T00:01:53Z",
"published": "2022-01-15T00:01:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20658"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-8X4Q-773G-Q756
Vulnerability from github – Published: 2025-10-10 09:30 – Updated: 2025-10-10 09:30In SonarQube before 25.6, 2025.3 Commercial, and 2025.1.3 LTA, authenticated low-privileged users can query the /api/v2/users-management/users endpoint and obtain user fields intended for administrators only, including the email addresses of other accounts.
{
"affected": [],
"aliases": [
"CVE-2025-62292"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-10T07:15:43Z",
"severity": "MODERATE"
},
"details": "In SonarQube before 25.6, 2025.3 Commercial, and 2025.1.3 LTA, authenticated low-privileged users can query the /api/v2/users-management/users endpoint and obtain user fields intended for administrators only, including the email addresses of other accounts.",
"id": "GHSA-8x4q-773g-q756",
"modified": "2025-10-10T09:30:49Z",
"published": "2025-10-10T09:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62292"
},
{
"type": "WEB",
"url": "https://sonarsource.atlassian.net/browse/SONAR-24830"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-994H-6RHW-F376
Vulnerability from github – Published: 2022-05-24 19:06 – Updated: 2022-05-24 19:06Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox < 89.
{
"affected": [],
"aliases": [
"CVE-2021-29960"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-24T14:15:00Z",
"severity": "MODERATE"
},
"details": "Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox \u003c 89.",
"id": "GHSA-994h-6rhw-f376",
"modified": "2022-05-24T19:06:08Z",
"published": "2022-05-24T19:06:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29960"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1675965"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-09"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2021-23"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-9J3M-G383-29QR
Vulnerability from github – Published: 2022-08-14 00:25 – Updated: 2022-08-14 00:25Impact
Contracts using the cross chain utilies for Arbitrum L2, CrossChainEnabledArbitrumL2 or LibArbitrumL2, will classify direct interactions of externally owned accounts (EOAs) as cross chain calls, even though they are not started on L1. This is assessed as low severity because any action taken by an EOA on the contract could also be taken by the EOA through the bridge if the issue was not present.
Patches
This issue has been patched in v4.7.2.
References
https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3578
For more information
If you have any questions or comments about this advisory, or need assistance deploying a fix, email us at security@openzeppelin.com.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "@openzeppelin/contracts"
},
"ranges": [
{
"events": [
{
"introduced": "4.6.0"
},
{
"fixed": "4.7.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "@openzeppelin/contracts-upgradeable"
},
"ranges": [
{
"events": [
{
"introduced": "4.6.0"
},
{
"fixed": "4.7.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-35916"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": true,
"github_reviewed_at": "2022-08-14T00:25:11Z",
"nvd_published_at": "2022-08-01T21:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nContracts using the cross chain utilies for Arbitrum L2, `CrossChainEnabledArbitrumL2` or `LibArbitrumL2`, will classify direct interactions of externally owned accounts (EOAs) as cross chain calls, even though they are not started on L1. This is assessed as low severity because any action taken by an EOA on the contract could also be taken by the EOA through the bridge if the issue was not present.\n\n### Patches\n\nThis issue has been patched in v4.7.2.\n\n### References\n\nhttps://github.com/OpenZeppelin/openzeppelin-contracts/pull/3578\n\n### For more information\n\nIf you have any questions or comments about this advisory, or need assistance deploying a fix, email us at [security@openzeppelin.com](mailto:security@openzeppelin.com).",
"id": "GHSA-9j3m-g383-29qr",
"modified": "2022-08-14T00:25:11Z",
"published": "2022-08-14T00:25:11Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-9j3m-g383-29qr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35916"
},
{
"type": "WEB",
"url": "https://github.com/OpenZeppelin/openzeppelin-contracts/pull/3578"
},
{
"type": "PACKAGE",
"url": "https://github.com/OpenZeppelin/openzeppelin-contracts"
},
{
"type": "WEB",
"url": "https://github.com/OpenZeppelin/openzeppelin-contracts/releases/tag/v4.7.2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "OpenZeppelin Contracts\u0027s Cross chain utilities for Arbitrum L2 see EOA calls as cross chain calls"
}
GHSA-9VWP-H229-H4CM
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass.
{
"affected": [],
"aliases": [
"CVE-2026-48847"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-25T20:16:37Z",
"severity": "LOW"
},
"details": "Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass.",
"id": "GHSA-9vwp-h229-h4cm",
"modified": "2026-05-26T13:30:49Z",
"published": "2026-05-26T13:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48847"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/703318e6a59515b73b0d8aa2a91e346b02f56baa"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/a4eb375b98cc3d055de665c34efc729dd8ef272a"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.16"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.7.1"
},
{
"type": "WEB",
"url": "https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.