Incorrect Permission Assignment for Critical Resource
CWE-732

CVE IDCVSSVendorExploitPatchTrends
CVE-2024-9842Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders.
CVSS 7.3Ivanti

-

-

Trending graph for this CVE
CVE-2024-9142External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls.This issue affects e-Belediye: before 2.0.642.
CVSS 9.8Eskom

-

-

Trending graph for this CVE
CVE-2024-8900An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129.
CVSS 7.5Mozilla

-

Patched

Trending graph for this CVE
CVE-2024-8039Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks.
CVSS 9.8Tecno

-

-

Trending graph for this CVE
CVE-2024-7986A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer™ service to read arbitrary files by creating a junction that points to the target directory.
CVSS LowRockwellautomation

-

-

Trending graph for this CVE
CVE-2024-7612Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to access or modify sensitive configuration files without proper authorization.
CVSS 8.8Ivanti

-

-

Trending graph for this CVE
CVE-2024-7594Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15.
CVSS 7.5Hashicorp

-

Patched

Trending graph for this CVE
CVE-2024-7513CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by account with elevated permissions.
CVSS LowRockwellautomation

-

Patched

Trending graph for this CVE
CVE-2024-6780Improper permission control in the mobile application (com.android.server.telecom) may lead to user information security risks.
CVSS 3.3

-

-

Trending graph for this CVE
CVE-2024-6739The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag enabled, allowing remote attackers to potentially steal the session cookie via XSS.
CVSS 6.1Openfind

Exploit

-

Trending graph for this CVE
CVE-2024-6619In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local unprivileged attacker to escalate their privileges and could cause a denial-of-service.
CVSS LowAveva

-

-

Trending graph for this CVE
CVE-2024-6510Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking.
CVSS 7.8Avg

-

-

Trending graph for this CVE
CVE-2024-6435A privilege escalation vulnerability exists in the affected products which could allow a malicious user with basic privileges to access functions which should only be available to users with administrative level privileges. If exploited, an attacker could read sensitive data, and create users. For example, a malicious user with basic privileges could perform critical functions such as creating a user with elevated privileges and reading sensitive information in the “views” section.
CVSS LowRockwellautomation

-

Patched

Trending graph for this CVE
CVE-2024-6360Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.
CVSS LowOpentext

-

-

Trending graph for this CVE
CVE-2024-5930This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.<br/>The specific flaw exists within the Anti Malware Service. The issue results from incorrect permissions on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.<br/> VIPRE has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227">https://success.vipre.com/en_US/home-windows-release-notes/home-windows-release-notes-20240227</a> <br/></td>
CVSS 7.8Vipre

Exploit

-

Trending graph for this CVE
CVE-2024-5915A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges.
CVSS 7.8Paloaltonetworks

-

Patched

Trending graph for this CVE
CVE-2024-5618Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Apinizer Management Console: before 2024.05.1.
CVSS 9.9

-

-

Trending graph for this CVE
CVE-2024-5163Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks.
CVSS 9.8Tecno

-

-

Trending graph for this CVE
CVE-2024-50590Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. In addition, the Elefant installer registers two Firebird database services which are running as “NT AUTHORITY\SYSTEM”.  Path: C:\Elefant1\Firebird_2\bin\fbserver.exe Path: C:\Elefant1\Firebird_2\bin\fbguard.exe Both service binaries are user writable. This means that a local attacker can rename one of the service binaries, replace the service executable with a new executable, and then restart the system. Once the system has rebooted, the new service binary is executed as "NT AUTHORITY\SYSTEM".
CVSS 7.8Elefantcms

-

-

Trending graph for this CVE
CVE-2024-47833Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS 6.5

Exploit

-

Trending graph for this CVE
CVE-2024-47808A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to write arbitrary content to any location in the filesystem of the host system.
CVSS 6.5Siemens

-

Patched

Trending graph for this CVE
CVE-2024-47783A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain elevated privileges.
CVSS 7.8Samsung, et al

-

Patched

Trending graph for this CVE
CVE-2024-46897Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table.
CVSS 3.8Exceedone

-

Patched

Trending graph for this CVE
CVE-2024-45164Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and Apps Portal before 19.2.0.3 or 19.2.0.20240814, has incorrect authorization controls for the Admin functionality on the ThreatAvert Policy page. An authenticated user can navigate directly to the /#app/intelligence/threatAvertPolicies URI and disable policy enforcement.
CVSS 7.1Akamai

Exploit

-

Trending graph for this CVE
CVE-2024-45041External Secrets Operator is a Kubernetes operator that integrates external secret management systems. The external-secrets has a deployment called default-external-secrets-cert-controller, which is bound with a same-name ClusterRole. This ClusterRole has "get/list" verbs of secrets resources. It also has path/update verb of validatingwebhookconfigurations resources. This can be used to abuse the SA token of the deployment to retrieve or get ALL secrets in the whole cluster, capture and log all data from requests attempting to update Secrets, or make a webhook deny all Pod create and update requests. This vulnerability is fixed in 0.10.2.
CVSS 8.8Kubernetes, et al

-

Patched

Trending graph for this CVE
CVE-2024-44729Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting.
CVSS 7.5Mirotalk

-

-

Trending graph for this CVE
CVE-2024-43199Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user.
CVSS 7.8Nagios

-

Patched

Trending graph for this CVE
CVE-2024-41974A low privileged remote attacker may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication.
CVSS 7.1Honeywell

-

-

Trending graph for this CVE
CVE-2024-41970A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources.
CVSS 5.7Citrix

-

-

Trending graph for this CVE
CVE-2024-41954FOG is a cloning/imaging/rescue suite/inventory management system. The application stores plaintext service account credentials in the "/opt/fog/.fogsettings" file. This file is by default readable by all users on the host. By exploiting these credentials, a malicious user could create new accounts for the web application and much more. The vulnerability is fixed in 1.5.10.41.
CVSS 7.8Fogproject

Exploit

Patched

Trending graph for this CVE
CVE-2024-41820Kubean is a cluster lifecycle management toolchain based on kubespray and other cluster LCM engine. The ClusterRole has `*` verbs of `*` resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. This issue has been addressed in release version 0.18.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS 6

-

Patched

Trending graph for this CVE
CVE-2024-41720Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15, which may allow a network-adjacent authenticated attacker to alter the configuration of the device.
CVSS 8

-

Patched

Trending graph for this CVE
CVE-2024-41685This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to capture cookies and obtain sensitive information on the targeted system.
CVSS 7.5

-

-

Trending graph for this CVE
CVE-2024-41171A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All versions < V5.24), SINUMERIK 840D sl V4 (All versions), SINUMERIK ONE (All versions < V6.24). Affected devices do not properly enforce access restrictions to scripts that are regularly executed by the system with elevated privileges. This could allow an authenticated local attacker to escalate their privileges in the underlying system.
CVSS 8.8

-

-

Trending graph for this CVE
CVE-2024-39875A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows authenticated, low privilege users with the 'Manage own remote connections' permission to retrieve details about other users and group memberships.
CVSS 4.3Siemens

-

Patched

Trending graph for this CVE
CVE-2024-39709Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy Secure before version 22.6R1 allow a local authenticated attacker to escalate their privileges.
CVSS 7.8Ivanti

-

-

Trending graph for this CVE
CVE-2024-38456HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute arbitrary code in the context of NT AUTHORITY\SYSTEM.
CVSS 7.8

-

-

Trending graph for this CVE
CVE-2024-37369A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system.
CVSS LowRockwellautomation

-

-

Trending graph for this CVE
CVE-2024-37087This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability.<br/>The specific flaw exists within the License Server. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.<br/> VMware has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505">https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505</a> <br/></td>
CVSS 5.3Vmware

Exploit

-

Trending graph for this CVE
CVE-2024-36821Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root via a directory traversal.
CVSS 6.8Linksys

Exploit

-

Trending graph for this CVE
CVE-2024-3668The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.10.17. This is due to the plugin not restricting low privileged users from setting a default role for a registration form. This makes it possible for authenticated attackers, with contributor-level access and above, to create a registration form with administrator set as the default role and then register as an administrator.
CVSS 8.8Wordpress, et al

-

-

Trending graph for this CVE
CVE-2024-3375Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dialogue: from v1.83 before v1.83.1 or v1.84.
CVSS 9.4

-

-

Trending graph for this CVE
CVE-2024-33499A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The affected application assigns incorrect permissions to a user management component. This could allow a privileged attacker to escalate their privileges from the Administrators group to the Systemadministrator group.
CVSS 9.1Siemens

-

-

Trending graph for this CVE
CVE-2024-33435Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi high-definition intelligent recording and playback system 2007-2017 allows a remote attacker to execute arbitrary code via the /manage/IPSetup.php backend function
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-3250Note: "Pebble" here refers to Canonical's service manager, not the Let's Encrypt ACME test server. The API behind pebble pull, used to read files from the workload container by Juju charms, allows access from any user, instead of just admin. In Juju Kubernetes sidecar charms, Pebble and the charm run as root, so they have full access. But if another restricted unix user gains local access to the container host, they could hit the Pebble GET /v1/files?action=read API and would be allowed to read any file in the workload container, for example an ssh key or database password or other sensitive information. If there are ssh keys they could then potentially ssh into the workload, or if something like a database password they could log into the database. Note that this requires local user access to the host machine. It seems unlikely that an attacker could gain this level of access in a Juju Kubernetes context, but if someone did and there's sensitive information in files accessible to Pebble, the consequences are bad. To reproduce the issue, go back to the Pebble version in Juju 2.9 (5842ea68c9c7), do pebble run as root in one terminal window, then in another terminal window, as a regular user, use the pebble pull CLI. You will be able to pull any file as a regular user.
CVSS 6.5

-

Patched

Trending graph for this CVE
CVE-2024-32478Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system can replace binary and gain other users' privileges. This vulnerability is fixed in 2.5.0.
CVSS 6.9Git

-

-

Trending graph for this CVE
CVE-2024-31202A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation.
CVSS 7.8Proges

-

-

Trending graph for this CVE
CVE-2024-30369A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of A10 Thunder ADC. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the installer. The issue results from incorrect permissions on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-22754.
CVSS 7.8A10networks, et al

Exploit

Patched

Trending graph for this CVE
CVE-2024-30208A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA30) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-1EA30) (All versions < V3.0.1.1). The "DBTest" tool of SIMATIC RTLS Locating Manager does not properly enforce access restriction. This could allow an authenticated local attacker to extract sensitive information from memory.
CVSS 6.3Siemens

-

-

Trending graph for this CVE
CVE-2024-29964Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and configuration that leads to multiple vulnerabilities. Docker daemons are exposed to the WAN interface, and other vulnerabilities allow total control over the Ova appliance. A Docker instance could access any other instances, and a few could access sensitive files. The vulnerability could allow a sudo privileged user on the underlying OS to access and modify these files.
CVSS 5.7Broadcom

-

-

Trending graph for this CVE
CVE-2024-29187WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. When a bundle runs as SYSTEM user, Burn uses GetTempPathW which points to an insecure directory C:\Windows\Temp to drop and load multiple binaries. Standard users can hijack the binary before it's loaded in the application resulting in elevation of privileges. This vulnerability is fixed in 3.14.1 and 4.0.5.
CVSS 7.3Microsoft

-

Patched

Trending graph for this CVE
CVE-2024-2905A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.
CVSS 6.2Tenable, et al

-

Patched

Trending graph for this CVE
CVE-2024-28827Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) allows a local attacker to gain SYSTEM privileges.
CVSS 8.8Checkmk

-

-

Trending graph for this CVE
CVE-2024-28745Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' App for Android via Intent. If this vulnerability is exploited, an arbitrary website may be displayed on the app, and as a result, the user may become a victim of a phishing attack.
CVSS 3.3

-

-

Trending graph for this CVE
CVE-2024-28589An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization.
CVSS 6.7Axigen

Exploit

-

Trending graph for this CVE
CVE-2024-28163Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.
CVSS 5.3Sap

-

-

Trending graph for this CVE
CVE-2024-27294dp-golang is a Puppet module for Go installations. Prior to 1.2.7, dp-golang could install files — including the compiler binary — with the wrong ownership when Puppet was run as root and the installed package was On macOS: Go version 1.4.3 through 1.21rc3, inclusive, go1.4-bootstrap-20170518.tar.gz, or go1.4-bootstrap-20170531.tar.gz. The user and group specified in Puppet code were ignored for files within the archive. dp-puppet version 1.2.7 will recreate installations if the owner or group of any file or directory within that installation does not match the requested owner or group
CVSS 7.3

-

-

Trending graph for this CVE
CVE-2024-27108Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products
CVSS 6.8Gehealthcare

-

-

Trending graph for this CVE
CVE-2024-25956Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system information.
CVSS 5.5

-

-

Trending graph for this CVE
CVE-2024-25646Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application.
CVSS 7.7Sap

-

-

Trending graph for this CVE
CVE-2024-25645Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to access information which would otherwise be restricted causing low impact on confidentiality of the application and with no impact on Integrity and Availability of the application.
CVSS 5.3Sap

-

-

Trending graph for this CVE
CVE-2024-25644Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.
CVSS 5.3Sap

-

-

Trending graph for this CVE
CVE-2024-25561Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS 7.8Intel

-

Patched

Trending graph for this CVE
CVE-2024-24912A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.
CVSS 6.7Checkpoint

-

-

Trending graph for this CVE
CVE-2024-24910A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.
CVSS 7.3Checkpoint

-

-

Trending graph for this CVE
CVE-2024-24740SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attacker to access information which could otherwise be restricted with low impact on confidentiality of the application.
CVSS 5.3Sap

-

Patched

Trending graph for this CVE
CVE-2024-24117Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
CVSS 9.8Ruijie

Exploit

-

Trending graph for this CVE
CVE-2024-23908Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS 7.8Intel

-

Patched

Trending graph for this CVE
CVE-2024-22334IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type, associated permissions of objects using that type may not be fully revoked. This could lead to incorrect reporting of permission configuration and unexpected privileges being retained. IBM X-Force ID: 279974.
CVSS 4.4Ibm

-

-

Trending graph for this CVE
CVE-2024-22236In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in the org.springframework.cloud:spring-cloud-contract-shade dependency.
CVSS 5.5Vmware

-

Patched

Trending graph for this CVE
CVE-2024-22029Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
CVSS 7.8Suse

-

-

Trending graph for this CVE
CVE-2024-22016In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege escalation.
CVSS 7.8Rapidscada

-

-

Trending graph for this CVE
CVE-2024-21915 A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP). If exploited, a malicious user with basic user group privileges could potentially sign into the software and receive FTSP Administrator Group privileges. A threat actor could potentially read and modify sensitive data, delete data and render the FTSP system unavailable.
CVSS 9Rockwellautomation

-

-

Trending graph for this CVE
CVE-2024-21902An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
CVSS 8.1Qnap

-

Patched

Trending graph for this CVE
CVE-2024-21835Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS 7.8Intel

-

Patched

Trending graph for this CVE
CVE-2024-21431Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
CVSS 7.8

-

Patched

Trending graph for this CVE
CVE-2024-21305Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
CVSS 4.4Microsoft

Exploit

Patched

Trending graph for this CVE
CVE-2024-20456A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device. This vulnerability is due to an error in the software build process. An attacker could exploit this vulnerability by manipulating the system&rsquo;s configuration options to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass of the requirement to run Cisco signed images or alter the security properties of the running system.
CVSS 6.7Cisco

-

-

Trending graph for this CVE
CVE-2024-1724In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap which used the 'home' plug could use this vulnerability to install arbitrary scripts into the users PATH which may then be run by the user outside of the expected snap sandbox and hence allow them to escape confinement.
CVSS 8.2Canonical

Exploit

Patched

Trending graph for this CVE
CVE-2024-1486Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices
CVSS 7.4Gehealthcare

-

-

Trending graph for this CVE
CVE-2024-10526Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it creates the installation directory with WRITE_DACL permission to the BUILTIN\\Users group. This allows local users who are not administrators to grant themselves the Full Control permission on Velociraptor's files. By modifying Velociraptor's files, local users can subvert the binary and cause the Velociraptor service to execute arbitrary code as the SYSTEM user, or to replace the Velociraptor binary completely.  This issue is fixed in version 0.73.3.
CVSS LowRapid7

-

-

Trending graph for this CVE
CVE-2024-10228The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system writes. This vulnerability, CVE-2024-10228, was fixed in Vagrant VMWare Utility 1.0.23
CVSS 3.3Hashicorp

-

Patched

Trending graph for this CVE
CVE-2024-10018Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.
CVSS 9.8Tecno

-

-

Trending graph for this CVE
CVE-2024-0949Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.This issue affects Elektraweb: before v17.0.68.
CVSS 9.8

-

-

Trending graph for this CVE
CVE-2024-0128NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of the guest OS to access global resources. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and escalation of privileges.
CVSS 7.1Nvidia

-

-

Trending graph for this CVE
CVE-2023-7055A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. Affected is an unknown function of the file /user/profile.php of the component Contact Information Handler. The manipulation of the argument mobilenumber leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-248742 is the identifier assigned to this vulnerability.
CVSS 5.4Phpgurukul

Exploit

-

Trending graph for this CVE
CVE-2023-6883The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 6.5.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions, such as modifying the plugin's Facebook and Instagram access tokens and updating group IDs.
CVSS 4.3Easysocialfeed

-

-

Trending graph for this CVE
CVE-2023-6729Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users configured with "access console." Consequently, a low privilege authenticated user with "access console" can read or replace the router configuration file as well as other files stored in the Compact Flash or SD card without using CLI commands. This type of attack can lead to a compromise or denial of service of the router after the system is rebooted.
CVSS 7.3Nokia

-

-

Trending graph for this CVE
CVE-2023-6593 Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction.
CVSS 9.8Devolutions

-

Patched

Trending graph for this CVE
CVE-2023-6506The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.5.0 via the send_backup_codes_email due to missing validation on a user controlled key. This makes it possible for subscriber-level attackers to email arbitrary users on the site.
CVSS 4.3Wpwhitesecurity

-

Patched

Trending graph for this CVE
CVE-2023-6179Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). A(n) attacker could potentially exploit this vulnerability, leading to a standard user to have arbitrary system code execution. Honeywell recommends updating to the most recent version of this product, service or offering (Pro-watch 6.0.2, 6.0, 5.5.2,5.0.5).
CVSS 7.8Honeywell

-

-

Trending graph for this CVE
CVE-2023-5937On Windows systems, the Arc configuration files resulted to be world-readable. This can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files.
CVSS 3.8Nozominetworks

-

-

Trending graph for this CVE
CVE-2023-5936On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering with such file, a malicious local user in the system may be able to trigger arbitrary code execution with root privileges.
CVSS 7.8Apple

-

-

Trending graph for this CVE
CVE-2023-5651The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts
CVSS 5.4Thimpress

Exploit

-

Trending graph for this CVE
CVE-2023-52554Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS 6.5

-

-

Trending graph for this CVE
CVE-2023-52116Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.
CVSS 7.5Huawei

-

Patched

Trending graph for this CVE
CVE-2023-52107Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.
CVSS 7.5Huawei

-

Patched

Trending graph for this CVE
CVE-2023-51579Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the product installer. The issue results from incorrect permissions set on folders. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22025.
CVSS LowVoltronicpower

-

-

Trending graph for this CVE
CVE-2023-5136An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.
CVSS 5.5Ni

-

Patched

Trending graph for this CVE
CVE-2023-5077The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.
CVSS 7.5Hashicorp

-

Patched

Trending graph for this CVE