Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-5823 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Gaizhenbiao Chuanhuchatgpt A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. | 9.1 |
| 2024-09-12 | CVE-2024-45826 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Rockwellautomation Thinmanager 13.1.0/13.2.0 CVE-2024-45826 IMPACT Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. | 8.8 |
| 2024-08-27 | CVE-2024-8207 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mongodb In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server binary is started, potentially resulting in the unintended actor gaining full control over the MongoDB server process. | 6.7 |
| 2024-08-18 | CVE-2024-7911 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Oretnom23 Simple Online Bidding System 1.0 A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. | 9.8 |
| 2024-08-06 | CVE-2024-28962 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Dell Alienware Update, Command Update and Update Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. | 7.5 |
| 2024-07-09 | CVE-2024-38049 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability | 8.1 |
| 2024-02-08 | CVE-2024-1329 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Hashicorp Nomad 1.5.13/1.6.6/1.7.3. HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. | 7.5 |
| 2024-02-02 | CVE-2024-24760 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mailcow Mailcow: Dockerized mailcow is a dockerized email package, with multiple containers linked in one bridged network. | 7.3 |
| 2024-01-22 | CVE-2020-36772 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cloudlinux Cagefs CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. | 4.4 |
| 2024-01-19 | CVE-2024-0728 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Foru CMS Project Foru CMS 20200623 A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. | 9.8 |