Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-09 | CVE-2023-39003 | Incorrect Permission Assignment for Critical Resource vulnerability in Opnsense OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp. | 7.5 |
| 2023-08-09 | CVE-2023-39004 | Incorrect Permission Assignment for Critical Resource vulnerability in Opnsense Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation. | 9.8 |
| 2023-08-09 | CVE-2023-39005 | Incorrect Permission Assignment for Critical Resource vulnerability in Opnsense Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2. | 7.5 |
| 2023-08-08 | CVE-2022-39062 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Sicam Toolbox II 07.00/07.01 A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). | 7.8 |
| 2023-08-04 | CVE-2023-38991 | Incorrect Permission Assignment for Critical Resource vulnerability in Jeesite 1.2.6 An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete models created by the Administrator. | 5.4 |
| 2023-08-03 | CVE-2023-20216 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco products A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. | 7.8 |
| 2023-07-24 | CVE-2023-3322 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 8.1 |
| 2023-07-23 | CVE-2023-28133 | Incorrect Permission Assignment for Critical Resource vulnerability in Checkpoint Endpoint Security E87.30 Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file | 7.8 |
| 2023-07-11 | CVE-2023-33990 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP SQL Anywhere 17.0 SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. | 7.1 |
| 2023-07-11 | CVE-2023-35870 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP S4Core When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions S4CORE 104, 105, 106, 107, an attacker could intercept the save request and change the template, leading to an impact on confidentiality and integrity of the resource. | 7.3 |