Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-42924 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Macos A logic issue was addressed with improved checks. | 5.5 |
| 2023-12-10 | CVE-2023-50446 | Incorrect Permission Assignment for Critical Resource vulnerability in Mullvad VPN An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. | 7.8 |
| 2023-12-09 | CVE-2023-49797 | Incorrect Permission Assignment for Critical Resource vulnerability in Pyinstaller PyInstaller bundles a Python application and all its dependencies into a single package. | 7.8 |
| 2023-12-07 | CVE-2023-40302 | Incorrect Permission Assignment for Critical Resource vulnerability in Netscout Ngeniuspulse 3.8.00.2349.0 NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability | 9.1 |
| 2023-12-03 | CVE-2023-49946 | Incorrect Permission Assignment for Critical Resource vulnerability in Forgejo In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. | 9.1 |
| 2023-11-28 | CVE-2023-29065 | Incorrect Permission Assignment for Critical Resource vulnerability in BD Facschorus The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. | 4.3 |
| 2023-11-20 | CVE-2023-5651 | Incorrect Permission Assignment for Critical Resource vulnerability in Thimpress WP Hotel Booking The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts | 5.4 |
| 2023-11-17 | CVE-2023-6179 | Incorrect Permission Assignment for Critical Resource vulnerability in Honeywell Prowatch 4.5 Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). | 7.8 |
| 2023-11-15 | CVE-2023-48087 | Incorrect Permission Assignment for Critical Resource vulnerability in Xuxueli Xxl-Job 2.4.0 xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat. | 5.4 |
| 2023-11-14 | CVE-2022-33898 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel NUC Watchdog Timer Utility Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |