Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-15 | CVE-2023-34982 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Aveva products This external control vulnerability, if exploited, could allow a local OS-authenticated user with standard privileges to delete files with System privilege on the machine where these products are installed, resulting in denial of service. | 7.1 |
| 2023-10-27 | CVE-2023-40139 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. | 5.5 |
| 2023-10-04 | CVE-2023-44209 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis Agent C22.02 Local privilege escalation due to improper soft link handling. | 7.8 |
| 2023-09-05 | CVE-2023-32615 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Openautomationsoftware OAS Platform 18.00.0072 A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. | 8.1 |
| 2023-09-01 | CVE-2023-4704 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Instantcms External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | 4.9 |
| 2023-08-31 | CVE-2022-46868 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis Cyber Protect Home Office 39900/40107 Local privilege escalation during recovery due to improper soft link handling. | 7.8 |
| 2023-08-09 | CVE-2023-35838 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wireguard 0.5.3 The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. | 5.7 |
| 2023-07-12 | CVE-2023-38046 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system. | 4.9 |
| 2023-06-22 | CVE-2023-3256 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech R-Seenet Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files. | 8.1 |
| 2023-05-27 | CVE-2023-33188 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Omninotes Omni Notes Omni-notes is an open source note-taking application for Android. | 5.5 |