Vulnerabilities > Incorrect Permission Assignment for Critical Resource
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-20 | CVE-2023-5651 | Incorrect Permission Assignment for Critical Resource vulnerability in Thimpress WP Hotel Booking The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts | 5.4 |
2023-11-17 | CVE-2023-6179 | Incorrect Permission Assignment for Critical Resource vulnerability in Honeywell Prowatch 4.5 Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). | 7.8 |
2023-11-15 | CVE-2023-48087 | Incorrect Permission Assignment for Critical Resource vulnerability in Xuxueli Xxl-Job 2.4.0 xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat. | 5.4 |
2023-11-14 | CVE-2022-33898 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel NUC Watchdog Timer Utility Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2022-41700 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel NUC PRO Software Suite 2.0.0.3 Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-34314 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Simics Simulator Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-34997 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Server Configuration Utility 16.0.7/16.0.8 Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-39230 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Rapid Storage Technology Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-36633 | Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Fortimail An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests. | 5.4 |
2023-11-13 | CVE-2023-47801 | Incorrect Permission Assignment for Critical Resource vulnerability in Clickstudios Passwordstate 9.5/9.6/9.7 An issue was discovered in Click Studios Passwordstate before 9811. | 4.7 |