CWE-610
Externally Controlled Reference to a Resource in Another Sphere
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
220 vulnerabilities with CWE-610
CVE-2024-7625
MEDIUM
HashiCorp Nomad <1.6.13-1.8.2 - Write Outside Allocation Directory
CVSS 5.8
CVE-2024-6079
MEDIUM
Rockwell Automation Emulate3D - DLL Hijacking
CVE-2024-28962
MEDIUM
Dell Alienware Update < 5.4 - Denial of Service
CVSS 6.5
CVE-2024-29069
MEDIUM
snapd <2.62 - Path Traversal
CVSS 4.8
CVE-2024-6717
HIGH
HashiCorp Nomad <1.7.9 - Path Traversal
CVSS 7.7
CVE-2024-31319
HIGH
Java - Info Disclosure
CVSS 7.8
CVE-2024-38049
MEDIUM
Windows Distributed Transaction Coordinator - RCE
CVSS 6.6
CVE-2024-28826
HIGH
Checkmk <2.3.0p4, <2.2.0p27, <2.1.0p44, 2.0.0 - Path Traversal
CVSS 8.8
CVE-2024-32980
CRITICAL
Spin <2.4.3 - SSRF
CVSS 9.1
CVE-2024-24818
MEDIUM
EspoCRM - Open Redirect
CVSS 5.9
CVE-2024-25117
MEDIUM
php-svg-lib <0.5.2 - RCE
CVSS 6.8
CVE-2024-23639
MEDIUM
Micronaut Framework - Info Disclosure
CVSS 5.1
CVE-2024-1329
HIGH
Hashicorp Nomad < 1.5.14 - Symlink Following
CVSS 7.7
CVE-2024-24760
HIGH
mailcow <2024-01c - Info Disclosure
CVSS 8.8
CVE-2024-0728
MEDIUM
ForU CMS <2020-06-23 - File Inclusion
CVSS 4.7
CVE-2023-6154
HIGH
Bitdefender - Code Injection
CVSS 7.8
CVE-2023-49864
MEDIUM
Wwbn Avideo - Information Disclosure
CVSS 6.5
CVE-2023-49863
MEDIUM
Wwbn Avideo - Information Disclosure
CVSS 6.5
CVE-2023-49862
MEDIUM
Wwbn Avideo - Information Disclosure
CVSS 6.5
CVE-2023-6569
HIGH
h2o-3 - Path Traversal
CVSS 8.2
CVE-2023-6618
MEDIUM
SourceCodester Simple Student Attendance System 1.0 - File Inclusion
CVSS 5.5
CVE-2023-5247
HIGH
Mitsubishielectric GX Works3 - Denial of Service
CVSS 7.8
CVE-2023-40194
HIGH
Foxit Reader 12.1.3.15356 - Code Injection
CVSS 8.8
CVE-2023-39542
HIGH
Foxitsoftware Foxit Reader - Remote Code Execution
CVSS 8.8
CVE-2023-35985
HIGH
Foxit Reader 12.1.3.15356 - Code Injection
CVSS 8.8
Details
Vulnerabilities
220