Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2022-46868 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Acronis Cyber Protect Home Office 39900/40107 Local privilege escalation during recovery due to improper soft link handling. | 7.8 |
| 2023-08-09 | CVE-2023-35838 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wireguard 0.5.3 The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. | 5.7 |
| 2023-07-12 | CVE-2023-38046 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system. | 4.9 |
| 2023-06-22 | CVE-2023-3256 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Advantech R-Seenet Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files. | 8.1 |
| 2023-05-27 | CVE-2023-33188 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Omninotes Omni Notes Omni-notes is an open source note-taking application for Android. | 5.5 |
| 2023-05-10 | CVE-2023-32076 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in In-Toto Project In-Toto in-toto is a framework to protect supply chain integrity. | 5.5 |
| 2023-05-10 | CVE-2023-0008 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Paloaltonetworks Pan-Os A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition. | 4.4 |
| 2023-05-02 | CVE-2023-30943 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. | 5.3 |
| 2023-04-25 | CVE-2023-0045 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. | 7.5 |
| 2023-04-19 | CVE-2023-21097 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. | 7.8 |