Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-22 | CVE-2022-32761 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Wwbn Avideo 11.6 An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. | 6.5 |
| 2022-08-12 | CVE-2022-20319 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 13.0 In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. | 7.8 |
| 2022-08-10 | CVE-2022-20239 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233972091 | 9.8 |
| 2022-07-28 | CVE-2016-0796 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mb.Miniaudioplayer Project Mb.Miniaudioplayer WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple vulnerabilities, including open proxy and security bypass vulnerabilities because it fails to properly verify user-supplied input. | 7.5 |
| 2022-07-17 | CVE-2015-10003 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Filezilla-Project Filezilla Server A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. | 4.3 |
| 2022-07-15 | CVE-2022-30245 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Honeywell Alerton Compass 1.6.5 Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote users. | 6.5 |
| 2022-07-13 | CVE-2022-20223 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. | 7.8 |
| 2022-06-28 | CVE-2021-3779 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Ruby-Mysql Project Ruby-Mysql A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. | 6.5 |
| 2022-06-02 | CVE-2022-24241 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Aceware Aceweb Online Portal 3.5.065 ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp. | 7.5 |
| 2022-04-21 | CVE-2022-20789 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cisco Unified Communications Manager 12.5(1)/14.0 A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to write arbitrary files on the affected system. | 6.5 |