CWE-706

Use of Incorrectly-Resolved Name or Reference

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

107 vulnerabilities with CWE-706
CVE-2019-7731 CRITICAL
MyWebSQL 3.7 - Remote Code Execution via Backup Database Function
CVSS 9.8
CVE-2019-6289 HIGH
DedeCMS V57_UTF8_SP2 - Remote Code Execution via Mixed-Case PHP Extension Bypass
CVSS 8.8
CVE-2019-0571 HIGH
Windows Data Sharing Service - Privilege Escalation
CVSS 7.8
CVE-2018-6112 MEDIUM
Google Chrome <66.0.3359.117 - Open Redirect
CVSS 4.3
CVE-2018-12020 HIGH
GnuPG <2.2.8 - Info Disclosure
CVSS 7.5
CVE-2018-0237 MEDIUM
Cisco Advanced Malware Protection for Endpoints - Malware Detection Bypass via DMG File Extension Spoofing
CVSS 5.8
CVE-2014-125125 HIGH
A10 Networks AX Loadbalancer <2.7.0 - Path Traversal
Details
Vulnerabilities 107
Links
MITRE CWE Entry Search this CWE With Exploits