Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-10 | CVE-2023-49862 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. | 6.5 |
| 2024-01-10 | CVE-2023-49863 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. | 6.5 |
| 2024-01-10 | CVE-2023-49864 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo Devmastercommit15Fed957Fb An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. | 6.5 |
| 2023-12-14 | CVE-2023-6569 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in H2O 3.40.0.4 External Control of File Name or Path in h2oai/h2o-3 | 8.2 |
| 2023-12-08 | CVE-2023-6618 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Oretnom23 Simple Student Attendance System 1.0 A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. | 8.8 |
| 2023-11-30 | CVE-2023-5247 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mitsubishielectric products Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in information disclosure, tampering and deletion, or a denial-of-service (DoS) condition. | 7.8 |
| 2023-11-27 | CVE-2023-35985 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Foxitsoftware Foxit Reader 12.1.3.15356 An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. | 8.8 |
| 2023-11-27 | CVE-2023-39542 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Foxitsoftware Foxit Reader 12.1.3.15356 A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. | 8.8 |
| 2023-11-27 | CVE-2023-40194 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Foxitsoftware Foxit Reader 12.1.3.15356 An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. | 8.8 |
| 2023-11-15 | CVE-2023-34982 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Aveva products This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service. | 7.1 |