Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-17 | CVE-2022-42732 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Siemens Syngo Dynamics Cardiovascular Imaging and Information System A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). | 7.5 |
| 2022-11-17 | CVE-2022-42733 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Siemens Syngo Dynamics Cardiovascular Imaging and Information System A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). | 7.5 |
| 2022-11-17 | CVE-2022-42734 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Siemens Syngo Dynamics Cardiovascular Imaging and Information System A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). | 7.5 |
| 2022-11-17 | CVE-2022-42891 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Siemens Syngo Dynamics Cardiovascular Imaging and Information System A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). | 7.5 |
| 2022-11-17 | CVE-2022-42893 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Siemens Syngo Dynamics Cardiovascular Imaging and Information System A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). | 7.5 |
| 2022-10-14 | CVE-2021-27406 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Perfact Openvpn-Client An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary open-VPN configuration. | 8.8 |
| 2022-09-13 | CVE-2022-39206 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Onedev Project Onedev Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. | 9.9 |
| 2022-09-06 | CVE-2022-2633 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Plugins360 All-In-One Video Gallery 2.5.8/2.5.9/2.6.0 The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and blind server-side request forgery via the 'dl' parameter found in the ~/public/video.php file in versions up to, and including 2.6.0. | 8.2 |
| 2022-08-10 | CVE-2022-20239 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233972091 | 9.8 |
| 2022-07-28 | CVE-2016-0796 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mb.Miniaudioplayer Project Mb.Miniaudioplayer WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and security bypass vulnerabilities because it fails to properly verify user-supplied input. | 7.5 |