34 matches found
CVE-2026-34327
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-34327
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-34327
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
Microsoft Partner Center Spoofing Vulnerability
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...
PT-2026-38581
Name of the Vulnerable Software and Affected Versions Microsoft Partner Center affected versions not specified Description An externally controlled reference to a resource in another sphere allows an unauthorized attacker to perform spoofing over a network. Recommendations At the moment, there is...
CVE-2025-65011
In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version...
CVE-2025-65011
In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version...
CVE-2025-65009
In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 admin password is stored in configuration file as plaintext and can be obtained by unauthorized user by direct references to the resource in question. The vendor was notified early about this vulnerability, but didn't respond with th...
EUVD-2008-3054
Malware in sbrugna...
CVE-2025-8057
Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...
CVE-2025-8057
CVE-2025-8057 concerns an authorization bypass in Patika Global Technologies’ HumanSuite. The issue arises from a user‑controlled key that enables an externally controlled reference to a resource in another sphere, leading to improper authorization. Affected product/version: HumanSuite prior to 5...
OESA-2025-2071 microcode_ctl security update
Security Fixes: Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.CVE-2025-20053 Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR...
Linux Distros Unpatched Vulnerability : CVE-2020-10673
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceR...
DEBIAN-CVE-2025-21090
Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...
ALPINE-CVE-2025-21090
Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...
UBUNTU-CVE-2025-21090
Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...
PT-2025-32710
Name of the Vulnerable Software and Affected Versions: IntelR XeonR processors affected versions not specified Description: A missing reference to an active allocated resource in some IntelR XeonR processors may allow an authenticated user to potentially enable a denial of service via local acces...
The vulnerability of the IBM Verify Identity Access Digital Credentials access control system lies in the absence of a reference to an active, allocated resource. This allows attackers to trigger a service failure.
The vulnerability of the IBM Verify Identity Access Digital Credentials access control system lies in the absence of a reference to an active, allocated resource. Exploiting this vulnerability could allow a malicious actor, operating remotely, to trigger a service failure using a specially create...
CLSA-2025-1747849358 Fix CVE(s): CVE-2024-10979
SECURITY UPDATE: Externally controlled reference to resources. - debian/patches/CVE-2024-10979.patch: Remove magic property of ENV in ./src/pl/plperl/plctrusted.pl. Add getenviron to ./src/test/regress/regress.c. - CVE-2024-10979...
Exploit for CVE-2022-30190
Follina-CVE-2022-...