CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2025-21564 HIGH
Oracle Agile Product Lifecycle Manage... - Incorrect Permission Assignment
CVSS 8.1
CVE-2025-21551 MEDIUM
Oracle Solaris - Incorrect Permission Assignment
CVSS 6.0
CVE-2025-21523 MEDIUM
Oracle Mysql Server < 8.0.40 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-21520 LOW
Oracle Mysql Cluster < 7.6.32 - Incorrect Permission Assignment
CVSS 1.8
CVE-2025-0590 HIGH
com.transsion.carlcare - Info Disclosure
CVSS 7.5
CVE-2025-21325 HIGH
Microsoft Windows 10 21h2 - Incorrect Permission Assignment
CVSS 7.8
CVE-2025-0066 CRITICAL
SAP NetWeaver AS - Info Disclosure
CVSS 9.9
CVE-2024-46062 HIGH
Miniconda3 < 23.11.0-1 - Command Injection
CVSS 7.8
CVE-2024-46060 HIGH
Anaconda3 < 2024.06-1 - Command Injection
CVSS 7.8
CVE-2024-32014 MEDIUM
Spectrum Power 4 <V4.70 SP12 Update 2 - Privilege Escalation
CVSS 4.7
CVE-2024-32010 HIGH
Spectrum Power 4 <V4.70 SP12 Update 2 - Info Disclosure
CVSS 7.8
CVE-2024-11584 MEDIUM
cloud-init <25.1.2 - Privilege Escalation
CVSS 5.9
CVE-2024-45655 MEDIUM
IBM Application Gateway < 24.09 - Incorrect Permission Assignment
CVSS 5.5
CVE-2024-13861 HIGH
Sophos Taegis Endpoint Agent < 1.3.10 - Code Injection
CVSS 7.8
CVE-2024-10209 HIGH
B&R APROL <4.4-01 - Privilege Escalation
CVE-2024-13813 HIGH
Ivanti Secure Access Client < 22.8 - Incorrect Permission Assignment
CVSS 7.1
CVE-2024-57520 CRITICAL
Sangoma Asterisk < 22.5.1 - Incorrect Permission Assignment
CVSS 9.8
CVE-2024-57068 HIGH
@tanstack/form-core <0.35.0 - DoS
CVSS 7.5
CVE-2024-45657 MEDIUM
IBM Security Verify Access - Incorrect Permission Assignment
CVSS 5.0
CVE-2024-29869 MEDIUM
Hive <4.0.1 - Info Disclosure
CVSS 5.5
CVE-2024-57547 HIGH
Cmsimple - Incorrect Permission Assignment
CVSS 7.5
CVE-2024-46881 HIGH
Develocity <2024.1.8 - Privilege Escalation
CVSS 7.1
CVE-2024-52328 LOW
ECOVACS - Info Disclosure
CVSS 2.3
CVE-2024-38337 CRITICAL
IBM Sterling Secure Proxy <6.2.0.0 - Info Disclosure
CVSS 9.1
CVE-2024-51448 MEDIUM
IBM Robotic Process Automation - Incorrect Permission Assignment
CVSS 6.7
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits