Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2024-01-11 CVE-2023-6883 Incorrect Permission Assignment for Critical Resource vulnerability in Easysocialfeed Easy Social Feed
The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 6.5.2.
network
low complexity
easysocialfeed CWE-732
4.3
4.3
2023-12-22 CVE-2023-7055 Incorrect Permission Assignment for Critical Resource vulnerability in PHPgurukul Online Notes Sharing System 1.0
A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0.
network
low complexity
phpgurukul CWE-732
5.4
5.4
2023-12-14 CVE-2023-25648 Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxcloud Irai Firmware 6.03.04/7.23.20
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product.
local
low complexity
zte CWE-732
7.8
7.8
2023-12-12 CVE-2023-6593 Incorrect Permission Assignment for Critical Resource vulnerability in Devolutions Remote Desktop Manager
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
network
low complexity
devolutions CWE-732
critical
 9.8
9.8
2023-12-12 CVE-2023-42924 Incorrect Permission Assignment for Critical Resource vulnerability in Apple Macos
A logic issue was addressed with improved checks.
local
low complexity
apple CWE-732
5.5
5.5
2023-12-10 CVE-2023-50446 Incorrect Permission Assignment for Critical Resource vulnerability in Mullvad VPN
An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1.
local
low complexity
mullvad CWE-732
7.8
7.8
2023-12-09 CVE-2023-49797 Incorrect Permission Assignment for Critical Resource vulnerability in Pyinstaller
PyInstaller bundles a Python application and all its dependencies into a single package.
local
low complexity
pyinstaller CWE-732
7.8
7.8
2023-12-07 CVE-2023-40302 Incorrect Permission Assignment for Critical Resource vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0
NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability
network
low complexity
netscout CWE-732
critical
 9.1
9.1
2023-12-03 CVE-2023-49946 Incorrect Permission Assignment for Critical Resource vulnerability in Forgejo
In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked.
network
low complexity
forgejo CWE-732
critical
 9.1
9.1
2023-11-28 CVE-2023-29065 Incorrect Permission Assignment for Critical Resource vulnerability in BD Facschorus
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user.
low complexity
bd CWE-732
4.3
4.3