CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2024-22236 LOW
Spring Cloud Contract <4.1.1, <4.0.5, <3.1.10 - Info Disclosure
CVSS 3.3
CVE-2024-23223 MEDIUM
Apple Ipados < 17.3 - Incorrect Permission Assignment
CVSS 6.2
CVE-2024-21305 MEDIUM
Microsoft Windows 10 1809 - Incorrect Permission Assignment
CVSS 4.4
CVE-2023-53949 HIGH
AspEmail 5.6.0.2 - Privilege Escalation
CVSS 8.4
CVE-2023-39338 MEDIUM
Sentry - Auth Bypass
CVSS 6.8
CVE-2023-38037 MEDIUM
Rubygems Activesupport < 6.1.7.5 - Incorrect Permission Assignment
CVSS 5.5
CVE-2023-6729 HIGH
Nokia SR OS - Privilege Escalation
CVSS 7.3
CVE-2023-49582 MEDIUM
Apache Portable Runtime < 1.7.5 - Incorrect Permission Assignment
CVSS 5.5
CVE-2023-5936 HIGH
Arc <unknown> - Code Injection
CVSS 7.8
CVE-2023-35841 HIGH
Phoenixtech Winflash < 4.5.0.0 - Privilege Escalation
CVSS 7.8
CVE-2023-47712 HIGH
IBM Security Guardium - Incorrect Permission Assignment
CVSS 7.8
CVE-2023-51579 HIGH
Voltronic Power ViewPower - Privilege Escalation
CVSS 7.8
CVE-2023-40516 HIGH
LG Simple Editor - Privilege Escalation
CVSS 7.8
CVE-2023-52554 MEDIUM
Huawei Emui - Incorrect Permission Assignment
CVSS 6.5
CVE-2023-52388 HIGH
Huawei Emui - Incorrect Permission Assignment
CVSS 7.5
CVE-2023-52715 HIGH
Huawei Harmonyos - Incorrect Permission Assignment
CVSS 7.5
CVE-2023-33870 MEDIUM
Intel(R) Ethernet - Privilege Escalation
CVSS 6.7
CVE-2023-50292 HIGH
Apache Solr < 8.11.3 - Incorrect Permission Assignment
CVSS 7.5
CVE-2023-34042 MEDIUM
Spring Security - Incorrect Permission
CVSS 4.1
CVE-2023-47564 HIGH
Qnap Qsync Central < 4.3.0.11 - Incorrect Permission Assignment
CVSS 8.0
CVE-2023-48714 MEDIUM
Silverstripe Framework <4.13.39, <5.1.11 - Info Disclosure
CVSS 4.3
CVE-2023-38541 MEDIUM
Intel HID Event Filter <2.2.2.1 - Privilege Escalation
CVSS 6.7
CVE-2023-52116 HIGH
Multi-Screen Interaction Module - Info Disclosure
CVSS 7.5
CVE-2023-52107 HIGH
WMS - Info Disclosure
CVSS 7.5
CVE-2023-49257 HIGH
Hongdian H8951-4G-ESP Firmware <= 2310271149 - Arbitrary File Upload and Execution
CVSS 8.8
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits