Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-24 | CVE-2021-4229 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ua-Parser-Js Project Ua-Parser-Js 0.7.29/0.8.0/1.0.0 A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. | 8.8 |
| 2022-05-11 | CVE-2022-29845 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Progress Whatsup Gold 21.1.0/21.1.1/22.0.0 In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file. | 6.5 |
| 2022-04-14 | CVE-2022-24824 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Discourse Discourse is an open source platform for community discussion. | 5.3 |
| 2022-04-11 | CVE-2022-1161 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Rockwellautomation products An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. | 9.8 |
| 2022-03-15 | CVE-2022-25485 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php. | 7.8 |
| 2022-03-15 | CVE-2022-25486 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cuppacms 1.0 CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php. | 7.8 |
| 2022-02-25 | CVE-2022-24329 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects. | 5.3 |
| 2022-02-24 | CVE-2022-24232 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Hospital'S Patient Records Management System Project Hospital'S Patient Records Management System 1.0 A local file inclusion in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | 7.8 |
| 2022-02-21 | CVE-2022-22308 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. | 7.8 |
| 2022-02-10 | CVE-2022-23630 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 7.5 |