Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2022-11-29 CVE-2022-45307 Incorrect Permission Assignment for Critical Resource vulnerability in Chocolatey PHP
Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\tools\php81 and all files located in that folder.
network
low complexity
chocolatey CWE-732
4.3
4.3
2022-11-25 CVE-2022-41926 Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Talk
Nextcould talk android is the android OS implementation of the nextcloud talk chat system.
local
low complexity
nextcloud CWE-732
5.5
5.5
2022-11-17 CVE-2022-44725 Incorrect Permission Assignment for Critical Resource vulnerability in Opcfoundation Local Discovery Server
OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file.
local
low complexity
opcfoundation CWE-732
7.8
7.8
2022-11-14 CVE-2022-34314 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings.
local
low complexity
ibm CWE-732
3.3
3.3
2022-11-12 CVE-2022-45193 Incorrect Permission Assignment for Critical Resource vulnerability in Bruhn-Newtech Cbrn-Analysis
CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.
network
low complexity
bruhn-newtech CWE-732
8.8
8.8
2022-11-07 CVE-2022-44746 Incorrect Permission Assignment for Critical Resource vulnerability in Acronis Cyber Protect Home Office
Sensitive information disclosure due to insecure folder permissions.
local
low complexity
acronis CWE-732
5.5
5.5
2022-11-07 CVE-2022-44732 Incorrect Permission Assignment for Critical Resource vulnerability in Acronis Cyber Protect Home Office
Local privilege escalation due to insecure folder permissions.
local
low complexity
acronis CWE-732
7.8
7.8
2022-11-07 CVE-2022-44733 Incorrect Permission Assignment for Critical Resource vulnerability in Acronis Cyber Protect Home Office
Local privilege escalation due to insecure folder permissions.
local
low complexity
acronis CWE-732
7.8
7.8
2022-11-07 CVE-2022-2188 Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Data Exchange Layer
Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory.
local
low complexity
mcafee CWE-732
5.5
5.5
2022-11-03 CVE-2022-3258 Incorrect Permission Assignment for Critical Resource vulnerability in Hypr Workforce Access
Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on Windows allows Authentication Abuse.
low complexity
hypr CWE-732
8.8
8.8