Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-18	CVE-2024-47104	IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. network high complexity CWE-732	6.8
2024-11-18	CVE-2024-41970	A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources. network low complexity CWE-732	5.7
2024-11-18	CVE-2024-41974	A low privileged remote attacker may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication. network low complexity CWE-732	7.1
2024-11-12	CVE-2024-47783	Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Siport A vulnerability has been identified in SIPORT (All versions < V3.4.0). local low complexity siemens CWE-732	7.8
2024-11-12	CVE-2024-47808	Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Sinec NMS A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). local low complexity siemens CWE-732	6.5
2024-10-29	CVE-2024-10228	Incorrect Permission Assignment for Critical Resource vulnerability in Hashicorp Vagrant VMWare Utility The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system writes. local low complexity hashicorp CWE-732	3.3
2024-10-18	CVE-2024-46897	Incorrect Permission Assignment for Critical Resource vulnerability in Exceedone Exment Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. network low complexity exceedone CWE-732	3.8
2024-10-09	CVE-2024-47833	Incorrect Permission Assignment for Critical Resource vulnerability in Avaiga Taipy Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. network low complexity avaiga CWE-732	6.5
2024-10-08	CVE-2024-7612	Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Endpoint Manager Mobile Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to modify sensitive application components. local low complexity ivanti CWE-732	7.8
2024-10-02	CVE-2024-24117	Incorrect Permission Assignment for Critical Resource vulnerability in Ruijie Rg-Nbs2009G-P Firmware 10.4(1)P2Release(9736) Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component. network low complexity ruijie CWE-732 critical	9.8