Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-610 (资源在另一范围的外部可控制索引) — Vulnerability Class 44

44 vulnerabilities classified as CWE-610 (资源在另一范围的外部可控制索引). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-0045 Incorrect indirect branch prediction barrier in the Linux Kernel — Linux Kernel 4.7 Medium2023-04-25
CVE-2022-44747 Acronis Cyber Protect 后置链接漏洞 — Acronis Cyber Protect Home Office 7.8 -2022-11-07
CVE-2022-39206 CI/CD Docker Escape in OneDev — onedev 9.9 Critical2022-09-13
CVE-2022-27593 DeadBolt Ransomware — Photo Station 10.0 Critical2022-09-08
CVE-2021-3779 Ruby-MySQL Gem Client File Read — ruby-mysql 6.5 -2022-06-28
CVE-2022-24854 Database bypassing any permissions in Metabase via SQlite attach — metabase 8.0 High2022-04-14
CVE-2021-43844 Externally Controlled Reference to a Resource in Another Sphere in MSEdgeRedirect — MSEdgeRedirect 8.8 High2021-12-20
CVE-2021-43794 Anonymous user cache poisoning via development-mode header in Discourse — discourse 5.3 Medium2021-12-01
CVE-2021-41244 Cross organization admin control in Grafana — grafana 9.1 Critical2021-11-15
CVE-2021-27648 Synology Antivirus Essential 安全漏洞 — Synology Antivirus Essential 9.0 Critical2021-04-28
CVE-2018-12475 obs-service-download_files allows downloading from localhost or intranet hosts — Open Build Service 6.5 Medium2020-09-01
CVE-2020-8226 phpBB 代码问题漏洞 — https://github.com/phpbb/phpbb 5.8 -2020-08-17
CVE-2018-7824 Schneider Electric Modbus Serial Driver 资源管理错误漏洞 — Schneider Electric Modbus Serial Driver (For 64-bit Windows OS:V3.17 IE 37 and prior , For 32-bit Windows OS:V2.17 IE 27 and prior, and as part of the Driver Suite version:V14.12 and prior) 4.9 -2019-05-22
CVE-2017-16088 safe-eval模块安全漏洞 — safe-eval node module 10.0 -2018-06-07

Vulnerabilities classified as CWE-610 (资源在另一范围的外部可控制索引) represent 44 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.