Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-706

CWE-706

Use of Incorrectly-Resolved Name or Reference

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

107 vulnerabilities with CWE-706

CVE-2023-27561 HIGH

runc < 1.1.5 - Privilege Escalation via Custom Volume-Mount Configurations

CVE-2022-30258 CRITICAL

Technitium DNS Server <8.0.2 - Info Disclosure

CVE-2022-30257 CRITICAL

Technitium DNS Server <8.0.2 - Info Disclosure

CVE-2022-41874 LOW

Tauri <1.0.7-1.1.2 - Info Disclosure

CVE-2022-30621 HIGH

Cellinx NVT IP PTZ Camera Firmware - Unauthenticated Arbitrary File Read via GetFileContent.cgi

CVE-2022-31089 HIGH

Parse Server <4.10.12, <5.2.3 - DoS

CVE-2022-27778 HIGH

cURL - Use of Incorrectly Resolved Name

CVE-2022-29448 MEDIUM

Herd Effects WordPress Plugin <= 5.2 - Authenticated Local File Inclusion

CVE-2022-29445 MEDIUM

Wow-Company's Popup Box <2.1.2 - LFI

CVE-2022-28198 MEDIUM

NVIDIA Omniverse Nucleus and Cache - Remote Code Execution via OpenSSL Configuration

CVE-2022-0855 MEDIUM

microweber-dev/whmcs_plugin <0.0.4 - Path Traversal

CVE-2021-47276 MEDIUM

Linux Kernel 2.6.28-4.4.273 - Denial of Service via Ftrace IP Address Handling

CVE-2021-47261 HIGH

Linux Kernel 4.17-4.19.195 - Denial of Service via CQ Resize Buffer Initialization

CVE-2021-37315 CRITICAL

ASUS RT-AC68U <3.0.0.4.386.41634 - Info Disclosure

CVE-2021-40856 HIGH

Auerswald COMfortel <2.8G - Auth Bypass

CVE-2021-40539 CRITICAL KEV

ManageEngine ADSelfService Plus CVE-2021-40539

CVE-2021-39156 HIGH

Istio < 1.9.8 - Authorization Bypass via URI Fragment

CVE-2021-37215 MEDIUM

Flygo < 1.91.1 - Authenticated Insecure Direct Object Reference via Employee ID Parameter

CVE-2021-37214 HIGH

Flygo < 1.91.1 - Authenticated Authorization Bypass and Remote Code Execution via Employee ID Parameter

CVE-2021-37213 MEDIUM

Flygo < 1.91.1 - Authenticated Insecure Direct Object Reference via Check-in Record Parameters

CVE-2021-37212 MEDIUM

larvata flygo < 1.91.1 - Authenticated Insecure Direct Object Reference via Bulletin ID Parameter

CVE-2021-22924 LOW

libcurl 7.10.4-7.76.1 - Connection Reuse via Case-Insensitive Path Matching

CVE-2021-37144 CRITICAL

CSZ CMS 1.2.9 - Privilege Escalation

CVE-2021-31920 MEDIUM

Istio < 1.8.6 and 1.9.x < 1.9.5 - Authorization Policy Bypass via Path Manipulation

CVE-2021-32054 MEDIUM

Firely/Incendi Spark <1.5.5-r4 - XSS

Previous Page 3 of 5 Next

Details

Vulnerabilities 107

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy