Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2022-46868 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis Cyber Protect Home Office 39900/40107 Local privilege escalation during recovery due to improper soft link handling. | 7.8 |
| 2023-08-09 | CVE-2023-35838 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wireguard 0.5.3 The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. | 5.7 |
| 2023-08-09 | CVE-2023-37855 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Phoenixcontact products In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser. | 4.3 |
| 2023-08-09 | CVE-2023-37856 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Phoenixcontact products In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser . | 4.3 |
| 2023-07-12 | CVE-2023-38046 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os 11.0.0 A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system. | 4.9 |
| 2023-06-22 | CVE-2023-3256 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech R-Seenet Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files. | 8.1 |
| 2023-05-27 | CVE-2023-33188 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Omninotes Omni Notes Omni-notes is an open source note-taking application for Android. | 5.5 |
| 2023-05-10 | CVE-2023-32076 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in In-Toto Project In-Toto in-toto is a framework to protect supply chain integrity. | 5.5 |
| 2023-05-10 | CVE-2023-0008 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition. | 4.4 |
| 2023-05-02 | CVE-2023-30943 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. | 5.3 |