Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-708 (不正确的属主授予) — Vulnerability Class 18

18 vulnerabilities classified as CWE-708 (不正确的属主授予). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-40196 HomeBox has Unauthorized API Access via Retained defaultGroup ID After Group Access Revocation — homebox 8.1 High2026-04-17
CVE-2026-32691 Timing ownership claim attack on new external back-end secrets — Juju 5.3 Medium2026-03-18
CVE-2025-5467 Ubuntu Apport Insecure File Permissions Vulnerability — apport 3.3AILowAI2025-12-10
CVE-2025-14262 Jobs can be saved as workflows with wrong permissions on KNIME Business Hub — KNIME Business Hub 6.5AIMediumAI2025-12-08
CVE-2025-5069 Incorrect Ownership Assignment in GitLab — GitLab 3.5 Low2025-09-26
CVE-2024-52561 Parallels Desktop 安全漏洞 — Parallels Desktop for Mac 7.8 High2025-06-03
CVE-2024-45417 Zoom Apps for macOS - Uncontrolled Resource Consumption — Zoom Apps for macOS 6.0 Medium2025-02-25
CVE-2024-45426 Zoom Workplace Apps - Incorrect Ownership Assignment — Zoom Workplace Apps 4.9 Medium2025-02-25
CVE-2024-9633 Incorrect Ownership Assignment in GitLab — GitLab 3.1 Low2024-11-14
CVE-2023-29122 Incorrect file ownership of privileged service's libraries in Enel X JuiceBox — JuiceBox Pro 3.0 22kW Cellular 6.7 Medium2024-11-05
CVE-2024-41773 IBM Global Configuration Management incorrect ownership assignment — Global Configuration Management 6.5 Medium2024-08-20
CVE-2023-4008 Incorrect Ownership Assignment in GitLab — GitLab 5.3 Medium2023-08-03
CVE-2023-20044 Cisco CX Cloud Agent 安全漏洞 — Cisco CX Cloud Agent 6.7 Medium2023-01-19
CVE-2023-20043 Cisco CX Cloud Agent 安全漏洞 — Cisco CX Cloud Agent 6.7 Medium2023-01-19
CVE-2022-33737 OpenVPN 日志信息泄露漏洞 — OpenVPN Access Server 9.1 -2022-07-06
CVE-2021-26248 Philips MRI 1.5T and 3T Incorrect Ownership Assignment — MRI 1.5T 5.5 -2021-11-19
CVE-2021-32726 Webauthn tokens not removed after user has been deleted — security-advisories 7.1 High2021-07-12
CVE-2021-32689 Nextcloud Talk not properly disassociating users from chats after account deletion — security-advisories 8.1 High2021-07-12

Vulnerabilities classified as CWE-708 (不正确的属主授予) represent 18 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.