
59 matches found

ATTACKERKB
added 2026/06/01 9:49 p.m., 9 views

CVE-2026-24755

Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...

CVSS 5.4, AI score 5.8, EPSS 0.00024
Exploits 0, References 2, Affected Software 1

CNNVD
added 2026/05/29 12:0 a.m., 6 views

Suprema BioStar security vulnerability

Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. There were security vulnerabilities in the versions of Suprem...

CVSS 10, AI score 5.8, EPSS 0.00079
Exploits 0, References 1

CNNVD
added 2026/05/04 12:0 a.m., 8 views

ILM Informatique OpenConcerto security vulnerability

ILM Informatique OpenConcerto is a business management software suite developed by the French company ILM Informatique. Version 1.7.5 of ILM Informatique OpenConcerto contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading...

CVSS 2.4, AI score 5.8, EPSS 0.00017
Exploits 0, References 1

ATTACKERKB
added 2026/04/01 12:18 p.m., 4 views

CVE-2026-22768

Dell AppSync, versions 4.6.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVSS 7.3, AI score 5.9, EPSS 0.00006
Exploits 0, References 2

EUVD
added 2026/03/10 6:31 p.m., 0 views

EUVD-2026-10614

Incorrect permission assignment for critical resource in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally...

CVSS 7.8, AI score 5.8, EPSS 0.00044
Exploits 3, References 2

NVD
added 2026/03/10 6:19 p.m., 3 views

CVE-2026-3315

Incorrect Default Permissions, Execution with Unnecessary Privileges, Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation. This issue affects Visionline: from 1.0 before 1.33...

CVSS 7.8, EPSS 0.00016
Exploits 0, References 1

ATTACKERKB
added 2026/03/10 9:35 a.m., 1 view

CVE-2026-3315

Incorrect Default Permissions, Execution with Unnecessary Privileges, Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation. This issue affects Visionline: from 1.0 before 1.33...

CVSS 5.8, AI score 5.8, EPSS 0.00016
Exploits 0, References 2, Affected Software 1

Positive Technologies
added 2026/03/10 12:0 a.m., 5 views

PT-2026-24197

Name of the Vulnerable Software and Affected Versions: ASSA ABLOY Visionline versions prior to 1.33. Description: An issue exists in ASSA ABLOY Visionline that allows for configuration or environment manipulation due to incorrect default permissions, leading to execution with unnecessary privileges...

CVSS 7.8, AI score 5.9, EPSS 0.00016
Exploits 0, References 9

Positive Technologies
added 2026/03/10 12:0 a.m., 2 views

PT-2026-24285

Name of the Vulnerable Software and Affected Versions: Windows versions prior to March 10, 2026 Patch Tuesday. Description: An improper permission assignment within the Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. The issue stems from...

CVSS 7.8, AI score 6.3, EPSS 0.00044
Exploits 3, References 31

CNNVD
added 2026/03/10 12:0 a.m., 3 views

ASSA ABLOY Visionline security vulnerability

ASSA ABLOY Visionline is a public area access control management platform developed by ASSA ABLOY Japan. Versions of ASSA ABLOY Visionline prior to version 1.33 contained security vulnerabilities. These vulnerabilities were caused by incorrect default permissions on Windows, execution of...

CVSS 7.8, AI score 6, EPSS 0.00016
Exploits 0, References 1

EUVD
added 2026/03/03 7:48 p.m., 5 views

EUVD-2025-208252

IBM Storage Scale 5.2.3.0 - 5.2.3.5, and IBM Storage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...

CVSS 6.6, AI score 5.9, EPSS 0.00004
Exploits 0, References 1

CNNVD
added 2026/02/20 12:0 a.m., 6 views

Owl Cyber Defense OPDS security vulnerability

Owl Cyber Defense OPDS is a network isolation device developed by Owl Cyber Defense Corporation in the United States. Version 2.2.0.4 of Owl Cyber Defense OPDS contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading to fil...

CVSS 8.5, AI score 5.8, EPSS 0.00017
Exploits 0, References 1

Vulnrichment
added 2025/12/19 1:51 a.m., 1 view

CVE-2025-13941 Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability

A local privilege escalation vulnerability exists in the Foxit PDF Reader/Editor Update Service. During plugin installation, incorrect file system permissions are assigned to resources used by the update service. A local attacker with low privileges could modify or replace these resources, which...

CVSS 8.8, AI score 7.2, EPSS 0.00015
Exploits 0, References 1

CNNVD
added 2025/11/04 12:0 a.m., 2 views

Salesforce Agentforce Vibes Extension security vulnerability

Salesforce Agentforce Vibes Extension is an AI-coded agent extension from Salesforce USA. A security vulnerability exists in Salesforce Agentforce Vibes Extension versions prior to 3.2.0, which stems from improper assignment of critical resource permissions and could lead to tampering with writab...

CVSS 5.3, AI score 6.6, EPSS 0.00041
Exploits 0, References 1

CNNVD
added 2025/10/21 12:0 a.m., 1 view

MediaWiki - Lockdown Extension security vulnerability

MediaWiki - Lockdown Extension is an open source permission control extension for MediaWiki. A security vulnerability exists in MediaWiki - Lockdown Extension versions up to and including version 1.42, which stems from an improper assignment of critical resource permissions and could lead to...

CVSS 10, AI score 6.4, EPSS 0.0006
Exploits 0, References 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2010-5242

Malware in sbrugna...

CVSS 6.8, AI score 6.4, EPSS 0.0013
Exploits 1, References 6

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-3361

Malicious code in bioql PyPI...

CVSS 7.7, AI score 6.3, EPSS 0.00207
Exploits 0, References 5

BDU FSTEC
added 2025/07/16 12:0 a.m., 1 view

The vulnerability of the Go programming language’s Verify component allows attackers to circumvent existing security restrictions.

The vulnerability of the Go programming language’s Verify component is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions remotely...

CVSS 7.8, AI score 6.4, EPSS 0.00076
Exploits 0, References 7, Affected Software 3

BDU FSTEC
added 2025/07/03 12:0 a.m., 1 view

The vulnerability of the video transmission application Canon EOS Webcam Utility Pro on macOS operating systems arises from the incorrect assignment of permissions to the critical resource. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the video transmission application Canon EOS Webcam Utility Pro on macOS systems is related to the incorrect assignment of permissions for the critical resource. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

CVSS 4.3, AI score 6, EPSS 0.00065
Exploits 0, References 2

BDU FSTEC
added 2025/06/02 12:0 a.m., 2 views

Vulnerability of the Server:Options component of the Oracle MySQL Server database management system and the Cluster:General component of the MySQL Cluster database management system, which allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Server:Options component of the Oracle MySQL Server database management system and the Cluster:General component of the MySQL Cluster database management system is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can...

CVSS 1.8, AI score 6.6, EPSS 0.00033
Exploits 0, References 4, Affected Software 3