Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-02 | CVE-2023-26053 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 9.8 |
| 2023-02-09 | CVE-2023-21440 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Samsung Android 13.0 Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture. | 5.5 |
| 2022-12-26 | CVE-2022-24119 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in GE products Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. | 9.8 |
| 2022-10-18 | CVE-2022-22246 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Juniper Junos A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. | 8.8 |
| 2022-09-13 | CVE-2022-37191 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cuppacms 1.0 The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. | 6.5 |
| 2022-07-27 | CVE-2022-34121 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cuppacms 1.0 Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php. | 7.5 |
| 2022-07-20 | CVE-2022-33317 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior allows an unauthenticated attacker to execute an arbitrary malicious code by leading a user to load a monitoring screen file including malicious script codes. | 7.8 |
| 2022-07-15 | CVE-2022-30243 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Honeywell Alterton Visual Logic Firmware Honeywell Alerton Visual Logic through 2022-05-04 allows unauthenticated programming writes from remote users. | 8.8 |
| 2022-07-15 | CVE-2022-30244 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Honeywell Alerton Ascent Control Module Firmware Honeywell Alerton Ascent Control Module (ACM) through 2022-05-04 allows unauthenticated programming writes from remote users. | 8.0 |
| 2022-07-08 | CVE-2021-41037 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Eclipse Equinox P2 In Eclipse p2, installable units are able to alter the Eclipse Platform installation and the local machine via touchpoints during installation. | 8.0 |