Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-42189 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denial of service via a crafted script to the KeySetRemove function. | 7.5 |
| 2023-10-09 | CVE-2023-45369 | Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. | 4.3 |
| 2023-10-09 | CVE-2023-45364 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. | 5.3 |
| 2023-10-06 | CVE-2023-36465 | Incorrect Permission Assignment for Critical Resource vulnerability in Decidim Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. | 7.1 |
| 2023-10-05 | CVE-2023-44387 | Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Gradle is a build tool with a focus on build automation and support for multi-language development. | 6.5 |
| 2023-09-29 | CVE-2023-5077 | Incorrect Permission Assignment for Critical Resource vulnerability in Hashicorp Vault The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. | 7.5 |
| 2023-09-27 | CVE-2023-20254 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Sd-Wan Manager A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. | 8.8 |
| 2023-09-27 | CVE-2023-4565 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Broadcast permission control vulnerability in the framework module. | 5.3 |
| 2023-09-25 | CVE-2023-41295 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Emui and Harmonyos Vulnerability of improper permission management in the displayengine module. | 5.3 |
| 2023-09-15 | CVE-2023-4665 | Incorrect Permission Assignment for Critical Resource vulnerability in Saphira Connect Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9. | 8.8 |