CVE-2026-34327

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-34327

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-34327

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

Microsoft Partner Center Spoofing Vulnerability

Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...

PT-2026-38581

Name of the Vulnerable Software and Affected Versions Microsoft Partner Center affected versions not specified Description An externally controlled reference to a resource in another sphere allows an unauthorized attacker to perform spoofing over a network. Recommendations At the moment, there is...

CVE-2025-65011

In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version...

CVE-2025-65011

In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 an unauthorised user can view configuration files by directly referencing the resource in question. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version...

CVE-2025-65009

In WODESYS WD-R608U router also known as WDR122B V2.0 and WDR28 admin password is stored in configuration file as plaintext and can be obtained by unauthorized user by direct references to the resource in question. The vendor was notified early about this vulnerability, but didn't respond with th...

EUVD-2008-3054

Malware in sbrugna...

CVE-2025-8057

Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client.This issue affects HumanSuite: before 53.21.0...

CVE-2025-8057

CVE-2025-8057 concerns an authorization bypass in Patika Global Technologies’ HumanSuite. The issue arises from a user‑controlled key that enables an externally controlled reference to a resource in another sphere, leading to improper authorization. Affected product/version: HumanSuite prior to 5...

OESA-2025-2071 microcode_ctl security update

Security Fixes: Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.CVE-2025-20053 Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR...

Linux Distros Unpatched Vulnerability : CVE-2020-10673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceR...

DEBIAN-CVE-2025-21090

Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...

ALPINE-CVE-2025-21090

Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...

UBUNTU-CVE-2025-21090

Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...

PT-2025-32710

Name of the Vulnerable Software and Affected Versions: IntelR XeonR processors affected versions not specified Description: A missing reference to an active allocated resource in some IntelR XeonR processors may allow an authenticated user to potentially enable a denial of service via local acces...

Exploit for CVE-2022-30190

Follina-CVE-2022-...

CVE-2022-27593

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later...

PT-2022-4657 · Qnap · Qnap Nas +1

Name of the Vulnerable Software and Affected Versions: QNAP NAS running Photo Station versions prior to 5.2.14 QNAP NAS running Photo Station versions prior to 5.4.15 QNAP NAS running Photo Station versions prior to 5.7.18 QNAP NAS running Photo Station versions prior to 6.0.22 QNAP NAS running...