Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2021-02-18 CVE-2019-18243 Incorrect Permission Assignment for Critical Resource vulnerability in GE Ifix
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry.
local
low complexity
ge CWE-732
2.1
2021-02-18 CVE-2019-18255 Incorrect Permission Assignment for Critical Resource vulnerability in GE Ifix
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects.
local
low complexity
ge CWE-732
2.1
2021-02-17 CVE-2020-35339 Incorrect Permission Assignment for Critical Resource vulnerability in 74Cms 5.0.1
In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.
network
low complexity
74cms CWE-732
7.5
2021-02-12 CVE-2021-20643 Incorrect Permission Assignment for Critical Resource vulnerability in Elecom Ld-Ps/U1 Firmware
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request.
network
low complexity
elecom CWE-732
5.0
2021-02-11 CVE-2020-8029 Incorrect Permission Assignment for Critical Resource vulnerability in Suse Caas Platform 4.5
A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key.
local
low complexity
suse CWE-732
2.1
2021-02-10 CVE-2021-0334 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains.
local
low complexity
google CWE-732
7.2
2021-02-09 CVE-2020-26196 Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Powerscale Onefs
Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation issue.
local
low complexity
dell CWE-732
2.1
2021-02-09 CVE-2020-26194 Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Powerscale Onefs 8.1.2/8.2.2
Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability.
local
low complexity
dell CWE-732
4.6
2021-02-05 CVE-2020-10858 Incorrect Permission Assignment for Critical Resource vulnerability in Zulip Desktop
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler.
network
low complexity
zulip CWE-732
5.0
2021-02-05 CVE-2020-10553 Incorrect Permission Assignment for Critical Resource vulnerability in Psyprax
An issue was discovered in Psyprax before 3.2.2.
local
low complexity
psyprax CWE-732
2.1