Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-30399 | Incorrect Permission Assignment for Critical Resource vulnerability in Garo products Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack. | 8.1 |
| 2023-05-04 | CVE-2023-25438 | Incorrect Permission Assignment for Critical Resource vulnerability in Genomedics Millegpg 5.9.2 An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote attackers to execute arbitrary code and gain escalated privileges via modifying specific files. | 7.8 |
| 2023-04-28 | CVE-2023-0834 | Incorrect Permission Assignment for Critical Resource vulnerability in Hypr Workforce Access Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1. | 9.8 |
| 2023-04-22 | CVE-2023-0207 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Sbios NVIDIA DGX-2 SBIOS contains a vulnerability where an attacker may modify the ServerSetup NVRAM variable at runtime by executing privileged code. | 4.4 |
| 2023-04-19 | CVE-2023-28123 | Incorrect Permission Assignment for Critical Resource vulnerability in UI Desktop 0.55.1.2/0.55.3.17/0.59.1.71 A permission misconfiguration in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later. | 5.5 |
| 2023-04-18 | CVE-2023-30606 | Incorrect Permission Assignment for Critical Resource vulnerability in Discourse Discourse is an open source platform for community discussion. | 4.9 |
| 2023-04-18 | CVE-2023-22294 | Incorrect Permission Assignment for Critical Resource vulnerability in Tribe29 Checkmk Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions. | 8.8 |
| 2023-04-12 | CVE-2023-30512 | Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Cubefs CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. | 6.5 |
| 2023-04-11 | CVE-2023-1939 | Incorrect Permission Assignment for Critical Resource vulnerability in Devolutions Remote Desktop Manager No access control for the OTP key on OTP entries in Devolutions Remote Desktop Manager Windows 2022.3.33.0 and prior versions and Remote Desktop Manager Linux 2022.3.2.0 and prior versions allows non admin users to see OTP keys via the user interface. | 4.3 |
| 2023-04-11 | CVE-2022-43946 | Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Forticlient Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE-732] vulnerability and a time-of-check time-of-use (TOCTOU) race condition [CWE-367] vulnerability in Fortinet FortiClientWindows before 7.0.7 allows attackers on the same file sharing network to execute commands via writing data into a windows pipe. | 8.1 |