CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2025-30682 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 6.5
CVE-2025-21585 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-21584 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-21583 MEDIUM
Oracle Mysql Server - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-21581 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-21580 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-21579 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-21578 MEDIUM
Oracle Secure Backup - Incorrect Permission Assignment
CVSS 6.7
CVE-2025-25041 MEDIUM
HPE Aruba Networking VIA - Privilege Escalation
CVSS 5.5
CVE-2025-20233 LOW
Splunk App for Lookup File Editing <4.0.5 - Info Disclosure
CVSS 2.5
CVE-2025-2098 HIGH
Fast CAD Reader - Privilege Escalation
CVE-2025-25373 CRITICAL
Nasa Cfs - Incorrect Permission Assignment
CVSS 9.8
CVE-2025-27688 HIGH
Dell Thinos < 2408 - Incorrect Permission Assignment
CVSS 7.8
CVE-2025-27591 MEDIUM
Facebook Below < 0.9.0 - Incorrect Permission Assignment
CVSS 6.8
CVE-2025-22454 HIGH
Ivanti Secure Access Client < 22.7 - Incorrect Permission Assignment
CVSS 7.8
CVE-2025-1413 HIGH
DaVinci Resolve <19.1.3 - Privilege Escalation
CVE-2025-1067 HIGH
Esri ArcGIS Pro <3.3.3-3.4.1 - Privilege Escalation
CVSS 7.3
CVE-2025-27141 MEDIUM
Metabase Enterprise Edition <1.50.36-1.53.2 - Info Disclosure
CVSS 6.5
CVE-2025-23403 HIGH
SIMATIC IPC DiagBase/monitor - Privilege Escalation
CVSS 7.0
CVE-2025-0064 HIGH
SAP BusinessObjects - Privilege Escalation
CVSS 8.7
CVE-2025-0374 MEDIUM
etcupdate - Info Disclosure
CVSS 6.5
CVE-2025-24527 HIGH
Akamai EAA <2025-01-17 - Privilege Escalation
CVSS 8.0
CVE-2025-24481 HIGH
Product Version - Unauthenticated Access
CVE-2025-21571 HIGH
Oracle VM Virtualbox < 7.0.24 - Incorrect Permission Assignment
CVSS 7.3
CVE-2025-21566 MEDIUM
Oracle Mysql Server < 9.1.0 - Incorrect Permission Assignment
CVSS 6.5
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits