Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-35147 Incorrect Permission Assignment for Critical Resource vulnerability in Jenkins AWS Codecommit Trigger 3.0.12
Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system.
network
low complexity
jenkins CWE-732
6.5
2023-06-13 CVE-2023-31142 Incorrect Permission Assignment for Critical Resource vulnerability in Discourse
Discourse is an open source discussion platform.
network
low complexity
discourse CWE-732
5.3
2023-06-13 CVE-2023-33695 Incorrect Permission Assignment for Critical Resource vulnerability in Hutool
Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile() function at /core/io/FileUtil.java.
local
low complexity
hutool CWE-732
7.1
2023-06-13 CVE-2023-30897 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Wincc
A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13).
local
low complexity
siemens CWE-732
7.8
2023-06-13 CVE-2023-31238 Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Q200 Firmware
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60).
network
high complexity
siemens CWE-732
4.8
2023-06-13 CVE-2023-2876 Incorrect Permission Assignment for Critical Resource vulnerability in ABB products
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS). This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.
network
low complexity
abb CWE-732
6.1
2023-06-01 CVE-2023-28399 Incorrect Permission Assignment for Critical Resource vulnerability in Contec Conprosys HMI System
Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3.
local
low complexity
contec CWE-732
7.8
2023-05-31 CVE-2023-28346 Incorrect Permission Assignment for Critical Resource vulnerability in Faronics Insight 10.0.19045
An issue was discovered in Faronics Insight 10.0.19045 on Windows.
low complexity
faronics CWE-732
7.3
2023-05-29 CVE-2022-41766 Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3.
network
low complexity
mediawiki CWE-732
4.3
2023-05-29 CVE-2023-31874 Incorrect Permission Assignment for Critical Resource vulnerability in Yank-Note Yank Note 3.52.1
Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').
network
low complexity
yank-note CWE-732
8.8