CWE-275(Permission Issues)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
Weaknesses in this category are related to improper assignment or handling of permissions.
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2026-41969 | 2026-05-15 | Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2026-28553 | 2026-04-13 | Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2025-58288 | 2025-10-11 | Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability. |
| CVE-2025-58287 | 2025-10-11 | Use After Free (UAF) vulnerability in the office service. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2025-10941 | 2025-09-25 | A vulnerability was determined in Topaz SERVCore Teller 2.14.0-RC2/2.14.1. Affected by this issue is some unknown functionality of the file SERVCoreTeller_2.0.40D.msi of the component Installer. Execu… |
| CVE-2025-8797 | 2025-08-10 | A vulnerability was found in LitmusChaos Litmus up to 3.19.0 and classified as critical. This issue affects some unknown processing of the component LocalStorage Handler. The manipulation leads to per… |
| CVE-2025-54624 | 2025-08-06 | Unexpected injection event vulnerability in the multimodalinput module. Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2025-54618 | 2025-08-06 | Permission control vulnerability in the distributed clipboard module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2025-53168 | 2025-07-07 | Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera wi… |
| CVE-2025-6765 | 2025-06-27 | A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60.9. This issue affects some unknown processing of the file /v1/operador/ of the component HTTP PUT Reque… |
| CVE-2024-13189 | 2025-01-08 | A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads t… |
| CVE-2024-11486 | 2024-11-20 | A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/user_permission.php of the co… |
| CVE-2024-11485 | 2024-11-20 | A vulnerability, which was classified as critical, has been found in Code4Berry Decoration Management System 1.0. Affected by this issue is some unknown functionality of the file /decoration/admin/use… |
| CVE-2024-3118 | 2024-03-31 | A vulnerability, which was classified as critical, has been found in Dreamer CMS up to 4.1.3. This issue affects some unknown processing of the component Attachment Handler. The manipulation leads to … |
| CVE-2023-6762 | 2023-12-13 | A vulnerability, which was classified as critical, was found in Thecosy IceCMS 2.0.1. Affected is an unknown function of the file /article/DelectArticleById/ of the component Article Handler. The mani… |
| CVE-2023-6302 | 2023-11-27 | A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipula… |
| CVE-2023-5263 | 2023-09-29 | A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The mani… |
| CVE-2023-39399 | 2023-08-13 | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. |
| CVE-2023-39398 | 2023-08-13 | Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization. |
| CVE-2023-3759 | 2023-07-19 | A vulnerability, which was classified as critical, was found in Intergard SGS 8.7.0. Affected is an unknown function. The manipulation leads to permission issues. It is possible to launch the attack r… |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships, Taxonomy_Mappings |
| 2009-01-12 | CWE Content Team | 1.2 | — | updated Relationships |
| 2012-05-11 | CWE Content Team | 2.2 | — | updated References |
| 2014-07-30 | CWE Content Team | 2.8 | — | updated Detection_Factors |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Affected_Resources, Detection_Factors, Functional_Areas, Related_Attack_Patterns, Relationships |
| 2018-03-27 | CWE Content Team | 3.1 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships, Terminology_Notes |
| 2021-10-28 | CWE Content Team | 4.6 | — | updated Relationships |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Terminology_Notes |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |