Vulnerabilities > Incorrect Permission Assignment for Critical Resource
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-11 | CVE-2024-36821 | Incorrect Permission Assignment for Critical Resource vulnerability in Linksys Velop Whw0101 Firmware 1.1.13.202617 Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root. | 6.8 |
2024-06-08 | CVE-2024-3668 | Incorrect Permission Assignment for Critical Resource vulnerability in Ideabox Powerpack Addons for Elementor The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.10.17. | 8.8 |
2024-06-06 | CVE-2024-30369 | Incorrect Permission Assignment for Critical Resource vulnerability in A10Networks Advanced Core Operating System A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. | 7.8 |
2024-05-16 | CVE-2024-21835 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Extreme Tuning Utility Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2024-04-19 | CVE-2024-29964 | Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Brocade Sannav Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. | 6.5 |
2024-03-12 | CVE-2024-25644 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Netweaver 7.50 Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application. | 5.3 |
2024-03-12 | CVE-2024-28163 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Netweaver Process Integration 7.50 Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application. | 5.3 |
2024-02-29 | CVE-2024-27294 | Incorrect Permission Assignment for Critical Resource vulnerability in Danielparks Dp-Golang dp-golang is a Puppet module for Go installations. | 7.8 |
2024-02-16 | CVE-2024-21915 | Incorrect Permission Assignment for Critical Resource vulnerability in Rockwellautomation Factorytalk Services Platform A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). | 8.8 |
2024-02-14 | CVE-2023-33870 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |