Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-02 | CVE-2023-26053 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 9.8 |
| 2023-02-09 | CVE-2023-21440 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Samsung Android 13.0 Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture. | 5.5 |
| 2022-12-26 | CVE-2022-24119 | Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. | 9.8 |
| 2022-10-18 | CVE-2022-22246 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Juniper Junos A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. | 8.8 |
| 2022-07-08 | CVE-2021-41037 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Eclipse Equinox P2 In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. | 6.8 |
| 2022-05-24 | CVE-2021-4229 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ua-Parser-Js Project Ua-Parser-Js 0.7.29/0.8.0/1.0.0 A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. | 7.6 |
| 2022-05-11 | CVE-2022-29845 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ipswitch Whatsup Gold 21.1.0/21.1.1/22.0.0 In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. | 4.0 |
| 2022-04-14 | CVE-2022-24824 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Discourse Discourse is an open source platform for community discussion. | 5.0 |
| 2022-04-11 | CVE-2022-1161 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Rockwellautomation products An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. | 7.5 |
| 2022-03-15 | CVE-2022-25485 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php. | 6.8 |