CWE-669
Allowed-with-ReviewIncorrect Resource Transfer Between Spheres
Abstraction: Class · Status: Draft
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.
144 vulnerabilities reference this CWE, most recent first.
GHSA-XFP8-8C2H-HG4Q
Vulnerability from github – Published: 2023-06-07 21:30 – Updated: 2024-04-04 04:39An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.
{
"affected": [],
"aliases": [
"CVE-2023-31114"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-07T21:15:13Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application.",
"id": "GHSA-xfp8-8c2h-hg4q",
"modified": "2024-04-04T04:39:54Z",
"published": "2023-06-07T21:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31114"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XPQH-GRPW-4XMG
Vulnerability from github – Published: 2026-04-03 06:31 – Updated: 2026-04-04 06:57An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "roundcube/roundcubemail"
},
"ranges": [
{
"events": [
{
"introduced": "1.7-beta"
},
{
"fixed": "1.7-rc5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-35544"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-04T06:57:38Z",
"nvd_published_at": "2026-04-03T05:16:22Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to a fixed-position mitigation bypass via the use of !important.",
"id": "GHSA-xpqh-grpw-4xmg",
"modified": "2026-04-04T06:57:38Z",
"published": "2026-04-03T06:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35544"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/099009b9c8e1d3c636fb9a5af72f7c2596018662"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/226811a1c974271dbedca72672923abaff8191c0"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/57dec0c127b98e0c8e3b9c26c80049b9c4bcaea7"
},
{
"type": "PACKAGE",
"url": "https://github.com/roundcube/roundcubemail"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.5.14"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.14"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.7-rc5"
},
{
"type": "WEB",
"url": "https://roundcube.net/news/2026/03/18/security-updates-1.7-rc5-1.6.14-1.5.14"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Roundcube Webmail: Insufficient CSS sanitization in HTML e-mail messages"
}
GHSA-XWHF-R489-W73V
Vulnerability from github – Published: 2023-04-13 18:30 – Updated: 2024-04-04 03:27An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.
{
"affected": [],
"aliases": [
"CVE-2023-22950"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-13T18:15:00Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in TigerGraph Enterprise Free Edition 3.x. Data loading jobs in gsql_server, created by any user with designer permissions, can read sensitive data from arbitrary locations.",
"id": "GHSA-xwhf-r489-w73v",
"modified": "2024-04-04T03:27:07Z",
"published": "2023-04-13T18:30:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22950"
},
{
"type": "WEB",
"url": "https://dev.tigergraph.com/forum/c/tg-community/announcements/35"
},
{
"type": "WEB",
"url": "https://neo4j.com/security/cve-2023-22950"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-XX87-33V7-6X23
Vulnerability from github – Published: 2026-05-26 13:30 – Updated: 2026-05-26 13:30In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var() value in an e-mail message, which may lead to information disclosure or access-control bypass.
{
"affected": [],
"aliases": [
"CVE-2026-48846"
],
"database_specific": {
"cwe_ids": [
"CWE-669"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-25T20:16:37Z",
"severity": "MODERATE"
},
"details": "In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1, the remote image blocking feature can be bypassed via a crafted CSS var() value in an e-mail message, which may lead to information disclosure or access-control bypass.",
"id": "GHSA-xx87-33v7-6x23",
"modified": "2026-05-26T13:30:49Z",
"published": "2026-05-26T13:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48846"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/59cca80908a61e662c5f81741449e9aeb91e8abe"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/commit/852350486b88b35b8544e8a630fad89e99e2150a"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.6.16"
},
{
"type": "WEB",
"url": "https://github.com/roundcube/roundcubemail/releases/tag/1.7.1"
},
{
"type": "WEB",
"url": "https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.