Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-15 | CVE-2021-30153 | Exposure of Resource to Wrong Sphere vulnerability in Mediawiki An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. | 4.3 |
| 2023-04-15 | CVE-2023-29203 | Exposure of Resource to Wrong Sphere vulnerability in Xwiki XWiki Commons are technical libraries common to several other top level XWiki projects. | 5.3 |
| 2023-04-13 | CVE-2023-25954 | Exposure of Resource to Wrong Sphere vulnerability in multiple products KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. | 5.5 |
| 2023-04-11 | CVE-2023-25409 | Exposure of Resource to Wrong Sphere vulnerability in Aten Pe8108 Firmware 2.4.232 Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. | 8.1 |
| 2023-04-11 | CVE-2022-47338 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0 In telecom service, there is a missing permission check. | 7.1 |
| 2023-04-11 | CVE-2023-26588 | Exposure of Resource to Wrong Sphere vulnerability in Buffalo products Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. | 7.5 |
| 2023-04-10 | CVE-2023-29192 | Exposure of Resource to Wrong Sphere vulnerability in Silverwaregames 1.1.34/1.1.8/1.1.9 SilverwareGames.io versions before 1.2.19 allow users with access to the game upload panel to edit download links for games uploaded by other developers. | 4.3 |
| 2023-03-31 | CVE-2023-1775 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Server When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients. | 6.5 |
| 2023-03-31 | CVE-2023-1777 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Server Mattermost allows an attacker to request a preview of an existing message when creating a new message via the createPost API call, disclosing the contents of the linked message. | 5.3 |
| 2023-03-23 | CVE-2023-1402 | Exposure of Resource to Wrong Sphere vulnerability in Moodle The course participation report required additional checks to prevent roles being displayed which the user did not have access to view. | 4.3 |