CWE-706
Use of Incorrectly-Resolved Name or Reference
The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
105 vulnerabilities with CWE-706
CVE-2021-24122
MEDIUM
Apache Tomcat < 7.0.106 - Information Disclosure
CVSS 5.9
CVE-2020-4719
MEDIUM
IBM Cloud APM 8.1.4 - SSRF
CVSS 4.9
CVE-2020-35566
MEDIUM
MymbCONNECT24 <v2.11.2 - Info Disclosure
CVSS 5.3
CVE-2020-23448
CRITICAL
newbee-mall - Privilege Escalation
CVSS 9.8
CVE-2020-35894
HIGH
obstack <0.1.4 - Memory Corruption
CVSS 7.5
CVE-2020-35623
HIGH
MediaWiki <1.35.1 - Privilege Escalation
CVSS 7.5
CVE-2020-26233
HIGH
Git Credential Manager Core <2.0.289 - RCE
CVSS 7.3
CVE-2020-13311
MEDIUM
GitLab <13.1.10-13.3.4 - XSS
CVSS 4.3
CVE-2020-15505
CRITICAL
KEV
MobileIron MDM Hessian-Based Java Deserialization RCE
CVSS 9.8
CVE-2020-12279
CRITICAL
Libgit2 < 0.28.4 - Remote Code Execution
CVSS 9.8
CVE-2020-12278
CRITICAL
Libgit2 < 0.28.4 - Remote Code Execution
CVSS 9.8
CVE-2020-10574
CRITICAL
Janus <0.9.1 - Info Disclosure
CVSS 9.8
CVE-2019-19921
HIGH
runc <1.0.0-rc9 - Privilege Escalation
CVSS 7.0
CVE-2019-1351
HIGH
Git for Visual Studio - Path Traversal
CVSS 7.5
CVE-2019-12837
MEDIUM
Gencat Portal D'acces A LA Universitat - Incorrect Authorization
CVSS 4.3
CVE-2019-19493
MEDIUM
Kentico <12.0.50 - XSS
CVSS 5.4
CVE-2019-17575
HIGH
WBCE CMS <1.4.0 - Command Injection
CVSS 7.2
CVE-2019-0220
MEDIUM
Apache HTTP Server <2.4.39 - Path Traversal
CVSS 5.3
CVE-2019-9901
MEDIUM
Envoy <1.9.0 - SSRF
CVSS 6.5
CVE-2019-0816
MEDIUM
Azure SSH Keypairs - Auth Bypass
CVSS 5.1
CVE-2019-9616
HIGH
OFCMS <1.1.3 - RCE
CVSS 7.2
CVE-2019-8908
CRITICAL
WTCMS 1.0 - RCE
CVSS 9.8
CVE-2019-8395
CRITICAL
Zohocorp Manageengine Servicedesk Plus < 10.0 - Path Traversal
CVSS 9.8
CVE-2019-7731
CRITICAL
MyWebSQL 3.7 - RCE
CVSS 9.8
CVE-2019-6289
HIGH
DedeCMS V57_UTF8_SP2 - RCE
CVSS 8.8
Details
Vulnerabilities
105