Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-14 | CVE-2017-13779 | Incorrect Permission Assignment for Critical Resource vulnerability in Gstn India Goods and Services TAX Network Offline Utility Tool 1.1 GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. | 7.8 |
| 2017-09-13 | CVE-2017-7560 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Rhnsd It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes. | 5.5 |
| 2017-09-08 | CVE-2017-0784 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android A elevation of privilege vulnerability in the Android system (nfc). | 8.8 |
| 2017-09-08 | CVE-2017-0752 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android A elevation of privilege vulnerability in the Android framework (windowmanager). | 7.8 |
| 2017-08-30 | CVE-2017-12713 | Incorrect Permission Assignment for Critical Resource vulnerability in Advantech Webaccess An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. | 7.8 |
| 2017-08-25 | CVE-2017-12816 | Incorrect Permission Assignment for Critical Resource vulnerability in Kaspersky Internet Security 11.12.4.1622 In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality by using Android IPC. | 9.8 |
| 2017-08-18 | CVE-2017-11653 | Incorrect Permission Assignment for Critical Resource vulnerability in Razer Synapse Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNativeLOC.dll file. | 7.8 |
| 2017-08-18 | CVE-2017-11652 | Incorrect Permission Assignment for Critical Resource vulnerability in Razer Synapse Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file. | 8.4 |
| 2017-08-15 | CVE-2017-8665 | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Xamarin.Ios 10.11 The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary code as root, aka "Xamarin.iOS Elevation Of Privilege Vulnerability." | 7.8 |
| 2017-08-14 | CVE-2017-11156 | Incorrect Permission Assignment for Critical Resource vulnerability in Synology Download Station Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors. | 7.8 |