Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-04 | CVE-2018-6606 | Incorrect Permission Assignment for Critical Resource vulnerability in Malwarefox Antimalware 2.74.0.150 An issue was discovered in MalwareFox AntiMalware 2.74.0.150. | 7.8 |
| 2018-02-03 | CVE-2018-6593 | Incorrect Permission Assignment for Critical Resource vulnerability in Malwarefox Antimalware 2.74.0.150 An issue was discovered in MalwareFox AntiMalware 2.74.0.150. | 7.8 |
| 2018-02-02 | CVE-2018-6536 | Incorrect Permission Assignment for Critical Resource vulnerability in Icinga An issue was discovered in Icinga 2.x through 2.8.1. | 5.5 |
| 2018-01-31 | CVE-2017-16945 | Incorrect Permission Assignment for Critical Resource vulnerability in Haystacksoftware ARQ The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path. | 7.8 |
| 2018-01-31 | CVE-2017-16928 | Incorrect Permission Assignment for Critical Resource vulnerability in Haystacksoftware ARQ The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip. | 7.8 |
| 2018-01-26 | CVE-2017-1000403 | Incorrect Permission Assignment for Critical Resource vulnerability in Jenkins Speaks! 0.1/0.1.1 Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectively elevating privileges to Overall/Run Scripts. | 8.8 |
| 2018-01-18 | CVE-2018-0089 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Policy Suite 10.0.0/11.0.0/11.1.0 A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. | 7.5 |
| 2018-01-18 | CVE-2018-0088 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Industrial Ethernet 4010 Series Firmware A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stability of the device. | 6.7 |
| 2018-01-12 | CVE-2017-16885 | Incorrect Permission Assignment for Critical Resource vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. | 9.8 |
| 2018-01-10 | CVE-2017-1459 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM products IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 4.2 |