CVE-2023-29065

MEDIUM Year: 2023
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-277
View all →

Vulnerability Description

The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database.

Related Vulnerabilities

CVE-2021-24032

MEDIUM
CVSS:4.7(Medium)

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions ...

CWE-2772021

CVE-2024-45599

LOW
CVSS:3.8(Low)

Cursor is an artificial intelligence code editor. Prior to version 0.41.0, if a user on macOS has granted Cursor access to the camera or microphone, any program that is run on the machine is able to a...

CWE-2772024

CVE-2019-5068

MEDIUM
CVSS:5.1(Medium)

An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can access the shared memory without any specific permissions to ...

CWE-2772019

CVE-2021-32725

MEDIUM
CVSS:5.3(Medium)

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, default share permissions were not being respected for federated reshares of files ...

CWE-2772021

CVE-2021-24031

MEDIUM
CVSS:5.5(Medium)

In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output fi...

CWE-2772021

CVE-2023-28207

MEDIUM
CVSS:5.5(Medium)

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A plug-in may be able to inherit app permissions and access user d...

CWE-2772023