VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Incorrect Permission Assignment for Critical Resource
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-02-24
CVE-2025-27141
Incorrect Permission Assignment for Critical Resource vulnerability in Metabase
Metabase Enterprise Edition is the enterprise version of Metabase business intelligence and data analytics software.
network
low complexity
metabase
CWE-732
6.5
6.5
2025-02-11
CVE-2024-13813
Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Secure Access Client
Insufficient permissions in Ivanti Secure Access Client before version 22.8R1 allows a local authenticated attacker to delete arbitrary files.
local
low complexity
ivanti
CWE-732
7.1
7.1
2025-02-11
CVE-2025-23403
A vulnerability has been identified in SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions).
local
high complexity
CWE-732
7.0
7.0
2025-02-04
CVE-2024-45657
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.
local
high complexity
CWE-732
5.0
5.0
2025-01-19
CVE-2024-38337
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments.
network
low complexity
CWE-732
critical
9.1
9.1
2025-01-14
CVE-2024-11497
An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access.
network
low complexity
CWE-732
8.8
8.8
2025-01-06
CVE-2024-47475
Incorrect Permission Assignment for Critical Resource vulnerability in Dell Powerscale Onefs
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability.
local
low complexity
dell
CWE-732
5.5
5.5
2024-12-31
CVE-2024-45497
A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod.
network
low complexity
CWE-732
7.6
7.6
2024-12-18
CVE-2024-47104
IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file.
network
high complexity
CWE-732
6.8
6.8
2024-12-06
CVE-2024-11220
Incorrect Permission Assignment for Critical Resource vulnerability in Openautomationsoftware Open Automation Software
A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself.
local
low complexity
openautomationsoftware
CWE-732
7.8
7.8
«
1
(current)
2
3
4
5
...
112
113
»
Next