CWE-829
Inclusion of Functionality from Untrusted Control Sphere
The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
230 vulnerabilities with CWE-829
CVE-2022-25485
HIGH
CuppaCMS v1.0 - Local File Inclusion
CVSS 7.8
CVE-2022-24329
MEDIUM
JetBrains Kotlin <1.6.0 - Info Disclosure
CVSS 5.3
CVE-2022-24232
HIGH
Hospital Patient Record Management System v1.0 - RCE
CVSS 7.8
CVE-2022-22308
HIGH
IBM Planning Analytics 2.0 - RFI
CVSS 7.8
CVE-2022-23630
HIGH
Gradle - Info Disclosure
CVSS 7.5
CVE-2021-41037
CRITICAL
Eclipse p2 - Info Disclosure
CVSS 10.0
CVE-2021-4229
MEDIUM
ua-parser-js <1.0.0 - RCE
CVSS 5.0
CVE-2021-41841
HIGH
InsydeH2O kernel 5.0-5.5 - RCE
CVSS 8.2
CVE-2021-42133
HIGH
Ivanti Avalanche <6.3.3 - Privilege Escalation
CVSS 8.1
CVE-2021-29113
MEDIUM
ArcGIS Server - XSS
CVSS 4.7
CVE-2021-41256
MEDIUM
Nextcloud News <0.9.9.62 - SSRF
CVSS 5.8
CVE-2021-20843
MEDIUM
RTX830 <15.02.17-RTX1210 <14.01.38 - XSS
CVSS 5.4
CVE-2021-41569
HIGH
SAS/Intrnet <9.4 build 1520 - Local File Inclusion
CVSS 7.5
CVE-2021-33626
HIGH
SMM - Buffer Overflow
CVSS 7.8
CVE-2021-38360
HIGH
wp-publications <0.0 - RCE
CVSS 8.3
CVE-2021-32802
CRITICAL
Nextcloud - SSRF
CVSS 9.3
CVE-2021-34398
HIGH
Nvidia Data Center Gpu Manager < 2.2.9 - Denial of Service
CVSS 7.8
CVE-2021-21804
CRITICAL
Advantech R-SeeNet <2.4.12 - Code Injection
CVSS 9.8
CVE-2021-34692
HIGH
Idrive Remotepc < 7.6.48 - Privilege Escalation
CVSS 7.8
CVE-2021-30121
MEDIUM
Semi-authenticated local file inclusion - Path Traversal
CVSS 6.5
CVE-2021-29777
MEDIUM
IBM Db2 - DoS
CVSS 6.5
CVE-2021-3603
HIGH
PHPMailer <6.4.1 - Code Injection
CVSS 8.1
CVE-2021-30507
HIGH
Google Chrome <90.0.4430.212 - Info Disclosure
CVSS 8.8
CVE-2021-29427
HIGH
Gradle < 7.0 - Information Disclosure
CVSS 8.0
CVE-2021-28162
MEDIUM
Eclipse Theia <=0.16.0 - XSS
CVSS 6.1
Details
Vulnerabilities
230