Lucene search
K

120 matches found

Snyk
Snyk
added 2026/05/14 8:15 p.m.13 views

Incorrect Permission Assignment for Critical Resource

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the files/ endpoints. An attacker can list, access and delete every uploaded file due to absence of authorisation on these endpoints. Remediation Upgra...

8.6CVSS5.8AI score0.00273EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/04 3:30 p.m.6 views

EUVD-2026-9393

Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice Extension:NSFileRepo modules allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and Access Controls.This...

8.7CVSS5.9AI score0.00265EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

Owl Cyber Defense OPDS 安全漏洞

Owl Cyber Defense OPDS is a network isolation device developed by Owl Cyber Defense Corporation in the United States. Version 2.2.0.4 of Owl Cyber Defense OPDS contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading to fil...

8.5CVSS5.8AI score0.00096EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

Owl Cyber Defense OPDS 安全漏洞

Owl Cyber Defense OPDS is a network isolation device developed by Owl Cyber Defense Corporation in the United States. Version 2.2.0.4 of Owl Cyber Defense OPDS contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading to fil...

8.5CVSS5.8AI score0.00106EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

Owl Cyber Defense OPDS 安全漏洞

Owl Cyber Defense OPDS is a network isolation device developed by Owl Cyber Defense Corporation in the United States. Version 2.2.0.4 of Owl Cyber Defense OPDS contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading to fil...

6.8CVSS5.8AI score0.00089EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 1:27 a.m.7 views

CVE-2025-33088

IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources...

7.4CVSS5.5AI score0.00099EPSS
Exploits0References1
OSV
OSV
added 2026/02/17 10:18 p.m.3 views

CVE-2025-33088

IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources...

7.4CVSS5.5AI score
Exploits0References1
NVD
NVD
added 2026/02/17 10:18 p.m.13 views

CVE-2025-33088

IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources...

7.4CVSS0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 9:35 p.m.4 views

CVE-2025-33088

IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources...

7.4CVSS5.5AI score0.00099EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/17 9:35 p.m.6 views

CVE-2025-33088 Multiple Vulnerabilities in IBM Concert Software.

IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources...

7.4CVSS5.4AI score0.00099EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 9:35 p.m.30 views

CVE-2025-33088 Multiple Vulnerabilities in IBM Concert Software.

IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources...

7.4CVSS0.00099EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 5:44 p.m.3 views

CVE-2025-52627 HCL AION is susceptible to Incorrect Permission Assignment for Critical Resource

Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical system files, potentially increasing the risk of system compromise or unauthorized changes.This issue affects AION: 2.0...

5.5CVSS5.4AI score0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 5:44 p.m.32 views

CVE-2025-52627 HCL AION is susceptible to Incorrect Permission Assignment for Critical Resource

Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical system files, potentially increasing the risk of system compromise or unauthorized changes.This issue affects AION: 2.0...

5.5CVSS0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.7 views

CVE-2024-41970

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources...

5.7CVSS7.1AI score0.00339EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-12329

Malware in sbrugna...

8.1CVSS6.4AI score0.00675EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-10530

Malware in sbrugna...

6.5CVSS6.9AI score0.00771EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-0367

Malware in sbrugna...

9.8CVSS9.3AI score0.02594EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-0111

Malware in sbrugna...

9.8CVSS9.3AI score0.02594EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-10499

Malware in sbrugna...

8.6CVSS8.8AI score0.01485EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-39300

Malicious code in bioql PyPI...

5.7CVSS6.6AI score0.00339EPSS
Exploits0References1
Rows per page
Query Builder