CWE-15
External Control of System or Configuration Setting
One or more system settings or configuration elements can be externally controlled by a user.
65 vulnerabilities with CWE-15
CVE-2023-6154
HIGH
Bitdefender Antivirus 27.0.25.114 - Uncontrolled Search Path Element in seccenter.exe
CVSS 7.8
CVE-2023-50252
HIGH
php-svg-lib < 0.5.1 - PHAR Deserialization via Unsanitized href Attribute in SVG use Tag
CVSS 8.3
CVE-2023-46764
MEDIUM
Huawei EMUI and HarmonyOS - Unauthorized Background App Startup
CVSS 5.3
CVE-2023-46248
CRITICAL
Cody AI VSCode Extension <0.14.0 - RCE
CVSS 9.0
CVE-2023-43323
MEDIUM
mooSocial 3.1.8 - Server-Side Request Forgery via Post Function Parameters
CVSS 6.5
CVE-2023-4704
MEDIUM
instantsoft/icms2 <2.16.1 - Elevation of Privilege
CVSS 4.9
CVE-2023-3321
HIGH
ABB Ability zenon <11.106404 - Info Disclosure
CVSS 7.0
CVE-2023-32349
HIGH
Teltonika RUT Router < 00.07.03.4 - Authenticated Code Execution via Packet Dump
CVSS 8.0
CVE-2023-32076
MEDIUM
in-toto < 1.4.0 - Configuration Manipulation via .in_totorc File
CVSS 5.5
CVE-2022-41582
HIGH
Huawei EMUI and HarmonyOS - Denial of Service via Security Module Configuration Defects
CVSS 7.5
CVE-2021-27406
HIGH
PerFact OpenVPN-Client <1.4.1.0 - Privilege Escalation
CVSS 8.8
CVE-2021-38453
CRITICAL
Registry Interaction - Info Disclosure
CVSS 9.1
CVE-2021-31338
HIGH
SINEMA Remote Connect Client <V3.0 SP1 - Privilege Escalation
CVSS 7.8
CVE-2021-3707
MEDIUM
D-Link router DSL-2750U <vME1.16 - RCE
CVSS 5.5
CVE-2019-25716
MEDIUM
Drger Infinity Delta, Delta XL, and Kappa - Denial of Service via Malformed Network Packet
CVSS 6.5
Details
Vulnerabilities
65