Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-42861 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Macos 14.0 A logic issue was addressed with improved state management. | 6.5 |
| 2023-10-20 | CVE-2023-40361 | Incorrect Permission Assignment for Critical Resource vulnerability in Secudos Qiata 4.13 SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. | 7.8 |
| 2023-10-13 | CVE-2023-44201 | Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Junos An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a configuration change, a specific file is created. | 5.5 |
| 2023-10-12 | CVE-2023-32723 | Incorrect Permission Assignment for Critical Resource vulnerability in Zabbix Request to LDAP is sent before user permissions are checked. | 9.1 |
| 2023-10-12 | CVE-2023-32724 | Incorrect Permission Assignment for Critical Resource vulnerability in Zabbix Memory pointer is in a property of the Ducktape object. | 8.8 |
| 2023-10-10 | CVE-2023-42189 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denial of service via a crafted script to the KeySetRemove function. | 7.5 |
| 2023-10-09 | CVE-2023-45369 | Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. | 4.3 |
| 2023-10-09 | CVE-2023-45364 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. | 5.3 |
| 2023-10-06 | CVE-2023-36465 | Incorrect Permission Assignment for Critical Resource vulnerability in Decidim Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. | 7.1 |
| 2023-09-29 | CVE-2023-5077 | Incorrect Permission Assignment for Critical Resource vulnerability in Hashicorp Vault The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. | 7.5 |