Vulnerabilities > Incorrect Permission Assignment for Critical Resource
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-09 | CVE-2023-39004 | Incorrect Permission Assignment for Critical Resource vulnerability in Opnsense Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation. | 9.8 |
2023-08-09 | CVE-2023-39005 | Incorrect Permission Assignment for Critical Resource vulnerability in Opnsense Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2. | 7.5 |
2023-08-08 | CVE-2022-39062 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Sicam Toolbox II 07.00/07.01 A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). | 7.8 |
2023-08-04 | CVE-2023-38991 | Incorrect Permission Assignment for Critical Resource vulnerability in Jeesite 1.2.6 An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete models created by the Administrator. | 5.4 |
2023-08-03 | CVE-2023-20216 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco products A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. | 7.8 |
2023-07-23 | CVE-2023-28133 | Incorrect Permission Assignment for Critical Resource vulnerability in Checkpoint Endpoint Security E87.30 Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file | 7.8 |
2023-06-29 | CVE-2022-44719 | Incorrect Permission Assignment for Critical Resource vulnerability in Ucopia Wireless Appliance Firmware An issue was discovered in Weblib Ucopia before 6.0.13. | 7.5 |
2023-06-29 | CVE-2023-37237 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup Appliance In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH. | 7.2 |
2023-06-27 | CVE-2023-35799 | Incorrect Permission Assignment for Critical Resource vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. | 5.5 |
2023-06-27 | CVE-2023-35800 | Incorrect Permission Assignment for Critical Resource vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. | 4.3 |