Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-16 | CVE-2024-21835 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Extreme Tuning Utility Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2024-04-19 | CVE-2024-29964 | Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Brocade Sannav Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. | 6.5 |
| 2024-03-12 | CVE-2024-28163 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Netweaver Process Integration 7.50 Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application. | 5.3 |
| 2024-02-16 | CVE-2024-21915 | Incorrect Permission Assignment for Critical Resource vulnerability in Rockwellautomation Factorytalk Services Platform A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). | 8.8 |
| 2024-02-14 | CVE-2023-33870 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2024-02-05 | CVE-2023-34042 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Spring Security The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be written by anyone with access to the file system. While there are no known exploits, this is an example of “CWE-732: Incorrect Permission Assignment for Critical Resource” and could result in an exploit. | 5.5 |
| 2024-02-02 | CVE-2024-22016 | Incorrect Permission Assignment for Critical Resource vulnerability in Rapidscada Rapid Scada In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. | 7.8 |
| 2024-01-31 | CVE-2024-22236 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Spring Cloud Contract In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in the org.springframework.cloud:spring-cloud-contract-shade dependency. | 5.5 |
| 2024-01-23 | CVE-2023-48714 | Incorrect Permission Assignment for Critical Resource vulnerability in Silverstripe Framework Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. | 4.3 |
| 2024-01-19 | CVE-2023-38541 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel HID Event Filter Driver 2.2.1.372/2.2.2.1 Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |