Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2021-04-30 CVE-2021-20326 Incorrect Permission Assignment for Critical Resource vulnerability in Mongodb
A user authorized to performing a specific type of find query may trigger a denial of service.
network
low complexity
mongodb CWE-732
4.0
2021-04-26 CVE-2021-22669 Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system. 0.0
2021-04-23 CVE-2021-31540 Incorrect Permission Assignment for Critical Resource vulnerability in Wowza Streaming Engine
Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory.
local
low complexity
wowza CWE-732
3.6
2021-04-22 CVE-2021-28168 Incorrect Permission Assignment for Critical Resource vulnerability in Eclipse Jersey
Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability.
local
low complexity
eclipse CWE-732
2.1
2021-04-15 CVE-2021-30487 In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.
network
low complexity
CWE-732
4.0
2021-04-15 CVE-2021-30479 An issue was discovered in Zulip Server before 3.4.
network
low complexity
CWE-732
5.0
2021-04-15 CVE-2021-30478 An issue was discovered in Zulip Server before 3.4.
network
low complexity
CWE-732
4.0
2021-04-15 CVE-2021-30477 An issue was discovered in Zulip Server before 3.4.
network
low complexity
CWE-732
4.0
2021-04-13 CVE-2021-28646 Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Officescan
An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations.
local
low complexity
trendmicro CWE-732
2.1
2021-04-13 CVE-2021-28645 Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Officescan
An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-732
7.2