Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-23 | CVE-2023-28336 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access. | 4.3 |
| 2023-03-22 | CVE-2023-1562 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner. | 4.3 |
| 2023-03-16 | CVE-2020-22647 | Exposure of Resource to Wrong Sphere vulnerability in Smartconrtactgames Project Smartconrtactgames An issue found in DepositGame v.1.0 allows an attacker to gain sensitive information via the GetBonusWithdraw and withdraw functions. | 9.1 |
| 2023-03-13 | CVE-2023-25802 | Exposure of Resource to Wrong Sphere vulnerability in Roxy-Wi Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. | 7.5 |
| 2023-03-08 | CVE-2023-22892 | Exposure of Resource to Wrong Sphere vulnerability in Smartbear Zephyr Enterprise There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances. | 7.5 |
| 2023-03-07 | CVE-2022-46257 | Exposure of Resource to Wrong Sphere vulnerability in Github Enterprise Server An information disclosure vulnerability was identified in GitHub Enterprise Server that allowed private repositories to be added to a GitHub Actions runner group via the API by a user who did not have access to those repositories, resulting in the repository names being shown in the UI. | 4.3 |
| 2023-03-03 | CVE-2023-20061 | Exposure of Resource to Wrong Sphere vulnerability in Cisco products Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. | 6.5 |
| 2023-03-02 | CVE-2023-25536 | Exposure of Resource to Wrong Sphere vulnerability in Dell Powerscale Onefs Dell PowerScale OneFS 9.4.0.x contains exposure of sensitive information to an unauthorized actor. | 6.7 |
| 2023-03-01 | CVE-2023-24567 | Exposure of Resource to Wrong Sphere vulnerability in Dell EMC Networker Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. | 6.5 |
| 2023-03-01 | CVE-2023-25544 | Exposure of Resource to Wrong Sphere vulnerability in Dell EMC Networker Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. | 6.5 |