Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-18 | CVE-2023-22307 | Exposure of Resource to Wrong Sphere vulnerability in Tribe29 Checkmk Appliance Firmware Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files. | 5.5 |
| 2023-04-15 | CVE-2021-30153 | Exposure of Resource to Wrong Sphere vulnerability in Mediawiki An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. | 4.3 |
| 2023-04-15 | CVE-2023-29203 | Exposure of Resource to Wrong Sphere vulnerability in Xwiki XWiki Commons are technical libraries common to several other top level XWiki projects. | 5.3 |
| 2023-04-13 | CVE-2023-25954 | Exposure of Resource to Wrong Sphere vulnerability in multiple products KYOCERA Mobile Print' v3.2.0.230119 and earlier, 'UTAX/TA MobilePrint' v3.2.0.230119 and earlier, and 'Olivetti Mobile Print' v3.2.0.230119 and earlier are vulnerable to improper intent handling. | 5.5 |
| 2023-04-11 | CVE-2023-25409 | Exposure of Resource to Wrong Sphere vulnerability in Aten Pe8108 Firmware 2.4.232 Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. | 8.1 |
| 2023-04-11 | CVE-2022-47338 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0 In telecom service, there is a missing permission check. | 7.1 |
| 2023-04-11 | CVE-2023-26588 | Exposure of Resource to Wrong Sphere vulnerability in Buffalo products Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. | 7.5 |
| 2023-04-10 | CVE-2023-29192 | Exposure of Resource to Wrong Sphere vulnerability in Silverwaregames 1.1.34/1.1.8/1.1.9 SilverwareGames.io versions before 1.2.19 allow users with access to the game upload panel to edit download links for games uploaded by other developers. | 4.3 |
| 2023-03-31 | CVE-2023-1775 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Server When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients. | 6.5 |
| 2023-03-31 | CVE-2023-1777 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Server Mattermost allows an attacker to request a preview of an existing message when creating a new message via the createPost API call, disclosing the contents of the linked message. | 5.3 |