Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-20 | CVE-2022-33317 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes. | 7.8 |
| 2022-07-15 | CVE-2022-30243 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Honeywell Alterton Visual Logic Firmware Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. | 8.8 |
| 2022-07-15 | CVE-2022-30244 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Honeywell Alerton Ascent Control Module Firmware Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. | 8.0 |
| 2022-07-08 | CVE-2021-41037 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Eclipse Equinox P2 In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. | 8.0 |
| 2022-05-24 | CVE-2021-4229 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ua-Parser-Js Project Ua-Parser-Js 0.7.29/0.8.0/1.0.0 A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. | 8.8 |
| 2022-05-11 | CVE-2022-29845 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Progress Whatsup Gold 21.1.0/21.1.1/22.0.0 In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. | 6.5 |
| 2022-03-15 | CVE-2022-25485 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php. | 7.8 |
| 2022-03-15 | CVE-2022-25486 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php. | 7.8 |
| 2022-02-25 | CVE-2022-24329 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects. | 5.3 |
| 2022-02-24 | CVE-2022-24232 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 A local file inclusion in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.8 |