Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-14 | CVE-2024-5915 | Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Globalprotect A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. | 7.8 |
| 2024-08-14 | CVE-2024-23908 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Flexlm License Daemons for Intel Fpga Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2024-08-14 | CVE-2024-25561 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2024-08-07 | CVE-2024-43199 | Incorrect Permission Assignment for Critical Resource vulnerability in Nagios Ndoutils Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user. | 7.8 |
| 2024-08-05 | CVE-2024-41720 | Incorrect Permission Assignment for Critical Resource vulnerability in Zexelon Zwx-2000Csw2-Hn Firmware Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15, which may allow a network-adjacent authenticated attacker to alter the configuration of the device. | 8.0 |
| 2024-07-31 | CVE-2024-41954 | Incorrect Permission Assignment for Critical Resource vulnerability in Fogproject 1.5.10/1.5.10.15 FOG is a cloning/imaging/rescue suite/inventory management system. | 7.8 |
| 2024-07-31 | CVE-2024-31202 | Incorrect Permission Assignment for Critical Resource vulnerability in Proges Thermoscan IP 20211103 A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation. | 7.8 |
| 2024-07-30 | CVE-2022-33167 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM products IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. | 7.5 |
| 2024-07-26 | CVE-2024-41685 | Incorrect Permission Assignment for Critical Resource vulnerability in Syrotech Sy-Gpon-1110-Wdont Firmware 3.1.02231102 This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. | 7.5 |
| 2024-07-25 | CVE-2024-1724 | Incorrect Permission Assignment for Critical Resource vulnerability in Canonical Snapd In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. | 8.2 |