Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2023-52107 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Vulnerability of permissions being not strictly verified in the WMS module. | 7.5 |
| 2024-01-16 | CVE-2023-52116 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Permission management vulnerability in the multi-screen interaction module. | 7.5 |
| 2024-01-12 | CVE-2023-49257 | Incorrect Permission Assignment for Critical Resource vulnerability in Hongdian H8951-4G-Esp Firmware An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges. | 8.8 |
| 2024-01-11 | CVE-2023-6506 | Incorrect Permission Assignment for Critical Resource vulnerability in Wpwhitesecurity WP 2FA The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the send_backup_codes_email due to missing validation on a user controlled key. | 4.3 |
| 2024-01-11 | CVE-2023-6883 | Incorrect Permission Assignment for Critical Resource vulnerability in Easysocialfeed Easy Social Feed The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 6.5.2. | 4.3 |
| 2023-12-22 | CVE-2023-7055 | Incorrect Permission Assignment for Critical Resource vulnerability in PHPgurukul Online Notes Sharing System 1.0 A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. | 5.4 |
| 2023-12-14 | CVE-2023-25648 | Incorrect Permission Assignment for Critical Resource vulnerability in ZTE Zxcloud Irai There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. | 7.8 |
| 2023-12-12 | CVE-2023-6593 | Incorrect Permission Assignment for Critical Resource vulnerability in Devolutions Remote Desktop Manager Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction. | 9.8 |
| 2023-12-12 | CVE-2023-42924 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Macos A logic issue was addressed with improved checks. | 5.5 |
| 2023-12-10 | CVE-2023-50446 | Incorrect Permission Assignment for Critical Resource vulnerability in Mullvad VPN An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. | 7.8 |