CWE-610
Externally Controlled Reference to a Resource in Another Sphere
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
220 vulnerabilities with CWE-610
CVE-2020-14057
CRITICAL
Monstaftp Monsta FTP < 2.10.1 - Remote Code Execution
CVSS 9.8
CVE-2020-0210
HIGH
Android - Privilege Escalation
CVSS 7.8
CVE-2020-5297
LOW
OctoberCMS <1.0.466 - File Upload
CVSS 3.4
CVE-2020-5296
MEDIUM
OctoberCMS <1.0.466 - Privilege Escalation
CVSS 6.2
CVE-2020-2009
HIGH
Palo Alto Networks PAN-OS <8.1.14, <9.0.7 - RCE
CVSS 7.2
CVE-2020-9752
CRITICAL
Naver Cloud Explorer <2.2.2.11 - Privilege Escalation
CVSS 9.8
CVE-2019-7290
CRITICAL
Shortcuts <2.1.3 - Info Disclosure
CVSS 10.0
CVE-2019-3996
MEDIUM
ELOG <3.1.4-57bea22 - SSRF
CVSS 6.5
CVE-2019-15744
LOW
Sony Xperia XZs - Privilege Escalation
CVSS 3.3
CVE-2019-15743
MEDIUM
Sony Xperia Touch - Privilege Escalation
CVSS 5.5
CVE-2019-15475
MEDIUM
Xiaomi Mi A3 - Info Disclosure
CVSS 5.5
CVE-2019-15474
MEDIUM
Xiaomi Cepheus Android - Info Disclosure
CVSS 5.5
CVE-2019-15473
MEDIUM
Xiaomi Mi A2 Lite - Privilege Escalation
CVSS 5.5
CVE-2019-15472
MEDIUM
Xiaomi Mi A2 Lite - Info Disclosure
CVSS 5.5
CVE-2019-15468
MEDIUM
Xiaomi Mi A2 Lite - Confused Deputy
CVSS 5.5
CVE-2019-15467
LOW
Xiaomi Mi Mix 2S - Info Disclosure
CVSS 3.3
CVE-2019-15466
LOW
Xiaomi Redmi 6 Pro - Confused Deputy
CVSS 3.3
CVE-2019-15429
HIGH
Panasonic ELUGA_I9 - Command Injection
CVSS 7.8
CVE-2019-15428
LOW
Xiaomi Mi Note 2 - Unauthorized Access
CVSS 3.3
CVE-2019-15427
LOW
Xiaomi Mi Mix <6.0.1 - Info Disclosure
CVSS 3.3
CVE-2019-15426
LOW
Xiaomi 5S Plus - Info Disclosure
CVSS 3.3
CVE-2019-15425
LOW
Kata M4s Android - Confused Deputy
CVSS 3.3
CVE-2019-15424
LOW
Doogee BL5000 - Confused Deputy
CVSS 3.3
CVE-2019-15423
LOW
Bluboo Bluboo_S1 - Confused Deputy
CVSS 3.3
CVE-2019-15422
LOW
Doogee Mix - Privilege Escalation
CVSS 3.3
Details
Vulnerabilities
220