Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-23	CVE-2023-48714	Incorrect Permission Assignment for Critical Resource vulnerability in Silverstripe Framework Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. network low complexity silverstripe CWE-732	4.3
2024-01-19	CVE-2023-38541	Incorrect Permission Assignment for Critical Resource vulnerability in Intel HID Event Filter Driver 2.2.1.372/2.2.2.1 Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel CWE-732	7.8
2024-01-16	CVE-2023-52107	Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Vulnerability of permissions being not strictly verified in the WMS module. network low complexity huawei CWE-732	7.5
2024-01-16	CVE-2023-52116	Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Permission management vulnerability in the multi-screen interaction module. network low complexity huawei CWE-732	7.5
2024-01-12	CVE-2023-49257	Incorrect Permission Assignment for Critical Resource vulnerability in Hongdian H8951-4G-Esp Firmware An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges. network low complexity hongdian CWE-732	8.8
2024-01-11	CVE-2023-6506	Incorrect Permission Assignment for Critical Resource vulnerability in Wpwhitesecurity WP 2FA The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the send_backup_codes_email due to missing validation on a user controlled key. network low complexity wpwhitesecurity CWE-732	4.3
2024-01-11	CVE-2023-6883	Incorrect Permission Assignment for Critical Resource vulnerability in Easysocialfeed Easy Social Feed The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 6.5.2. network low complexity easysocialfeed CWE-732	4.3
2023-12-22	CVE-2023-7055	Incorrect Permission Assignment for Critical Resource vulnerability in PHPgurukul Online Notes Sharing System 1.0 A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. network low complexity phpgurukul CWE-732	5.4
2023-12-14	CVE-2023-25648	Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxcloud Irai Firmware 6.03.04/7.23.20 There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. local low complexity zte CWE-732	7.8
2023-12-12	CVE-2023-6593	Incorrect Permission Assignment for Critical Resource vulnerability in Devolutions Remote Desktop Manager Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction. network low complexity devolutions CWE-732 critical	9.8