Vulnerabilities > Use of Incorrectly-Resolved Name or Reference
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-30 | CVE-2021-31933 | Use of Incorrectly-Resolved Name or Reference vulnerability in Chamilo A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). | 7.2 |
| 2021-03-18 | CVE-2021-27306 | Use of Incorrectly-Resolved Name or Reference vulnerability in Konghq Kong Gateway An improper access control vulnerability in the JWT plugin in Kong Gateway prior to 2.3.2.0 allows unauthenticated users access to authenticated routes without a valid token JWT. | 7.5 |
| 2021-03-02 | CVE-2020-4719 | Use of Incorrectly-Resolved Name or Reference vulnerability in IBM Cloud Application Performance Management 8.1.4 The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any hostname specified in the Cloud Event Management Webhook URL configuration definition. | 4.9 |
| 2021-02-16 | CVE-2020-35566 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. | 5.3 |
| 2021-01-26 | CVE-2020-23448 | Use of Incorrectly-Resolved Name or Reference vulnerability in Newbee-Mall Project Newbee-Mall newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. | 9.8 |
| 2021-01-14 | CVE-2021-24122 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. | 5.9 |
| 2020-12-31 | CVE-2020-35894 | Use of Incorrectly-Resolved Name or Reference vulnerability in Obstack Project Obstack 0.1.0/0.1.1/0.1.2 An issue was discovered in the obstack crate before 0.1.4 for Rust. | 7.5 |
| 2020-12-21 | CVE-2020-35623 | Use of Incorrectly-Resolved Name or Reference vulnerability in Mediawiki An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1. | 7.5 |
| 2020-09-14 | CVE-2020-13311 | Use of Incorrectly-Resolved Name or Reference vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 4.3 |
| 2020-07-07 | CVE-2020-15505 | Use of Incorrectly-Resolved Name or Reference vulnerability in Mobileiron products A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database (RDB) version 2.0.0.1 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |