Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-23 | CVE-2023-48714 | Incorrect Permission Assignment for Critical Resource vulnerability in Silverstripe Framework Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. | 4.3 |
| 2024-01-19 | CVE-2023-38541 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel HID Event Filter Driver 2.2.1.372/2.2.2.1 Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2024-01-16 | CVE-2023-52107 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Vulnerability of permissions being not strictly verified in the WMS module. | 7.5 |
| 2024-01-16 | CVE-2023-52116 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Permission management vulnerability in the multi-screen interaction module. | 7.5 |
| 2024-01-12 | CVE-2023-49257 | Incorrect Permission Assignment for Critical Resource vulnerability in Hongdian H8951-4G-Esp Firmware An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges. | 8.8 |
| 2024-01-11 | CVE-2023-6506 | Incorrect Permission Assignment for Critical Resource vulnerability in Wpwhitesecurity WP 2FA The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the send_backup_codes_email due to missing validation on a user controlled key. | 4.3 |
| 2024-01-11 | CVE-2023-6883 | Incorrect Permission Assignment for Critical Resource vulnerability in Easysocialfeed Easy Social Feed The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 6.5.2. | 4.3 |
| 2024-01-09 | CVE-2023-44120 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens Spectrum Power 7 2.20/2.30/23Q3 A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). | 7.8 |
| 2023-12-22 | CVE-2023-7055 | Incorrect Permission Assignment for Critical Resource vulnerability in PHPgurukul Online Notes Sharing System 1.0 A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. | 5.4 |
| 2023-12-14 | CVE-2023-0757 | Incorrect Permission Assignment for Critical Resource vulnerability in Phoenixcontact Multiprog and Proconos Eclr Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to upload arbitrary malicious code and gain full access on the affected device. | 9.8 |