Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2022-41700 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel NUC PRO Software Suite 2.0.0.3 Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-34314 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Simics Simulator Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-34997 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Server Configuration Utility 16.0.7/16.0.8 Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-39230 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Rapid Storage Technology Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-11-14 | CVE-2023-36633 | Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Fortimail An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests. | 5.4 |
| 2023-11-13 | CVE-2023-47801 | Incorrect Permission Assignment for Critical Resource vulnerability in Clickstudios Passwordstate 9.5/9.6/9.7 An issue was discovered in Click Studios Passwordstate before 9811. | 4.7 |
| 2023-11-12 | CVE-2023-28134 | Incorrect Permission Assignment for Critical Resource vulnerability in Checkpoint Endpoint Security E84/E85/E86 Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. | 7.8 |
| 2023-11-08 | CVE-2023-3282 | Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Cortex Xsoar A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine. | 6.7 |
| 2023-11-08 | CVE-2023-5136 | Incorrect Permission Assignment for Critical Resource vulnerability in NI products An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. | 5.5 |
| 2023-10-26 | CVE-2023-46449 | Incorrect Permission Assignment for Critical Resource vulnerability in Mayurik Inventory Management System 1.0 Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. | 8.8 |