Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2024-08-26 CVE-2023-49582 Incorrect Permission Assignment for Critical Resource vulnerability in Apache Portable Runtime
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data.
local
low complexity
apache CWE-732
5.5
5.5
2024-08-24 CVE-2022-43915 Incorrect Permission Assignment for Critical Resource vulnerability in IBM APP Connect Enterprise Certified Container
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods.
network
low complexity
ibm CWE-732
8.1
8.1
2024-08-21 CVE-2024-5930 Incorrect Permission Assignment for Critical Resource vulnerability in Vipre Advanced Security 12.0.1.214
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability.
local
low complexity
vipre CWE-732
7.8
7.8
2024-08-14 CVE-2024-5915 Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Globalprotect
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.
local
low complexity
paloaltonetworks CWE-732
7.8
7.8
2024-08-14 CVE-2024-23908 Incorrect Permission Assignment for Critical Resource vulnerability in Intel Flexlm License Daemons for Intel Fpga
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-732
7.8
7.8
2024-08-14 CVE-2024-25561 Incorrect Permission Assignment for Critical Resource vulnerability in Intel products
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-732
7.8
7.8
2024-08-07 CVE-2024-43199 Incorrect Permission Assignment for Critical Resource vulnerability in Nagios Ndoutils
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user.
local
low complexity
nagios CWE-732
7.8
7.8
2024-08-05 CVE-2024-41720 Incorrect Permission Assignment for Critical Resource vulnerability in Zexelon Zwx-2000Csw2-Hn Firmware
Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15, which may allow a network-adjacent authenticated attacker to alter the configuration of the device.
low complexity
zexelon CWE-732
8.0
8.0
2024-07-31 CVE-2024-41954 Incorrect Permission Assignment for Critical Resource vulnerability in Fogproject 1.5.10/1.5.10.15
FOG is a cloning/imaging/rescue suite/inventory management system.
local
low complexity
fogproject CWE-732
7.8
7.8
2024-07-31 CVE-2024-31202 Incorrect Permission Assignment for Critical Resource vulnerability in Proges Thermoscan IP 20211103
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation.
local
low complexity
proges CWE-732
7.8
7.8