Vulnerabilities > Exposure of Resource to Wrong Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2023-26588 | Exposure of Resource to Wrong Sphere vulnerability in Buffalo products Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. | 7.5 |
| 2023-04-11 | CVE-2023-26458 | Exposure of Resource to Wrong Sphere vulnerability in SAP Landscape Management 3.0 An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. | 8.7 |
| 2023-04-10 | CVE-2023-29192 | Exposure of Resource to Wrong Sphere vulnerability in Silverwaregames 1.1.34/1.1.8/1.1.9 SilverwareGames.io versions before 1.2.19 allow users with access to the game upload panel to edit download links for games uploaded by other developers. | 4.3 |
| 2023-03-31 | CVE-2023-1775 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Server When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients. | 6.5 |
| 2023-03-31 | CVE-2023-1777 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Server Mattermost allows an attacker to request a preview of an existing message when creating a new message via the createPost API call, disclosing the contents of the linked message. | 5.3 |
| 2023-03-23 | CVE-2023-1402 | Exposure of Resource to Wrong Sphere vulnerability in Moodle The course participation report required additional checks to prevent roles being displayed which the user did not have access to view. | 4.3 |
| 2023-03-23 | CVE-2023-28336 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access. | 4.3 |
| 2023-03-22 | CVE-2023-1562 | Exposure of Resource to Wrong Sphere vulnerability in Mattermost Mattermost fails to check the "Show Full Name" setting when rendering the result for the /plugins/focalboard/api/v2/users API call, allowing an attacker to learn the full name of a board owner. | 4.3 |
| 2023-03-16 | CVE-2020-22647 | Exposure of Resource to Wrong Sphere vulnerability in Smartconrtactgames Project Smartconrtactgames An issue found in DepositGame v.1.0 allows an attacker to gain sensitive information via the GetBonusWithdraw and withdraw functions. | 9.1 |
| 2023-03-14 | CVE-2023-23394 | Exposure of Resource to Wrong Sphere vulnerability in Microsoft products Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability | 5.5 |