CVE-2026-26101

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

CVE-2026-26102 Incorrect Permission Assignment for Critical Resource in Owl opds

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request...

CVE-2025-53396

Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier, which may allow users who can log in to a client terminal to obtain root privileges...

CVE-2025-43729

Dell ThinOS 10, versions prior to 250810.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access...

PT-2025-4213 · Microsoft · Windows Secure Kernel Mode +1

Name of the Vulnerable Software and Affected Versions: Windows Secure Kernel Mode affected versions not specified Description: An elevation-of-privilege issue allows attackers to affect the system. The issue is related to incorrect permission assignment for a critical resource. Technical details...

CVE-2024-31202

A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation...

CVE-2023-34437 Baker Hughes Bently Nevada 3500 System Incorrect Permission Assignment for Critical Resource

Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device...

CVE-2023-21272

In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Openstack tripleo-heat-templates unauthenticated file access

A resource-permission flaw was found in the tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack service, thu...

Security Bulletin: UrbanCode Deploy users with create-resource permission for the standard resource type may create child resources inheriting custom types (CVE-2022-22315).

Summary Users in UrbanCode Deploy with create-resource permission for the standard resource type but not for a custom resource type, may create child resources inheriting that custom type. Vulnerability Details CVEID: CVE-2022-22315 DESCRIPTION: IBM UrbanCode Deploy UCD could allow an authenticat...

Advantech WebAccess Node Critical Resource Permission Assignment Incorrect Vulnerability

The Advantech WebAccess Node is an HMI Human Machine Interaction platform. A security vulnerability exists in Advantech WebAccess Node versions prior to 9.0.1. An attacker can exploit the vulnerability to execute code with system privileges...

CVE-2017-1396

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 127342...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform director security update

An update is now available for Red Hat OpenStack Platform 11.0 Ocata. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2017-12155

A resource-permission flaw was found in the openstack-tripleo-heat-templates package where ceph.client.openstack.keyring is created as world-readable. A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though the attacker were the OpenStack...

CVE-2017-12155

The CVE-2017-12155 issue is a resource-permission flaw in openstack-tripleo-heat-templates (ceph.client.openstack.keyring created world-readable). A local attacker with access to the key could read or modify data on Ceph cluster pools for OpenStack as though they were the OpenStack service, poten...