Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-12 | CVE-2023-28134 | Incorrect Permission Assignment for Critical Resource vulnerability in Checkpoint Endpoint Security E84/E85/E86 Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. | 7.8 |
| 2023-11-08 | CVE-2023-3282 | Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Cortex Xsoar A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine. | 6.7 |
| 2023-11-08 | CVE-2023-5136 | Incorrect Permission Assignment for Critical Resource vulnerability in NI products An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. | 5.5 |
| 2023-10-26 | CVE-2023-46449 | Incorrect Permission Assignment for Critical Resource vulnerability in Mayurik Inventory Management System 1.0 Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. | 8.8 |
| 2023-10-25 | CVE-2023-42861 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Macos 14.0 A logic issue was addressed with improved state management. | 6.5 |
| 2023-10-20 | CVE-2023-40361 | Incorrect Permission Assignment for Critical Resource vulnerability in Secudos Qiata 4.13 SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. | 7.8 |
| 2023-10-13 | CVE-2023-44201 | Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Junos An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a configuration change, a specific file is created. | 5.5 |
| 2023-10-12 | CVE-2023-32723 | Incorrect Permission Assignment for Critical Resource vulnerability in Zabbix Request to LDAP is sent before user permissions are checked. | 9.1 |
| 2023-10-12 | CVE-2023-32724 | Incorrect Permission Assignment for Critical Resource vulnerability in Zabbix Memory pointer is in a property of the Ducktape object. | 8.8 |
| 2023-10-10 | CVE-2023-42189 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denial of service via a crafted script to the KeySetRemove function. | 7.5 |