Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2017-05-17 CVE-2017-7493 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue.
local
low complexity
qemu debian CWE-732
7.8
7.8
2017-05-12 CVE-2017-0601 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via bluetooth without user permission.
local
low complexity
google CWE-732
5.5
5.5
2017-05-12 CVE-2017-0593 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions.
local
low complexity
google CWE-732
7.8
7.8
2017-05-09 CVE-2017-8858 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 9.8
9.8
2017-05-09 CVE-2017-8857 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated file copy and arbitrary remote command execution using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 9.8
9.8
2017-05-09 CVE-2017-8856 Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated, arbitrary remote command execution using the 'bprd' process.
network
low complexity
veritas CWE-732
critical
 9.8
9.8
2017-05-09 CVE-2017-0352 Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia GPU Driver
All versions of the NVIDIA GPU Display Driver contain a vulnerability in the GPU firmware where incorrect access control may allow CPU access sensitive GPU control registers, leading to an escalation of privileges
local
low complexity
nvidia CWE-732
7.8
7.8
2017-05-06 CVE-2017-8391 Incorrect Permission Assignment for Critical Resource vulnerability in CA Client Automation R12.9/R14.0
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.
local
low complexity
ca CWE-732
5.5
5.5
2017-04-28 CVE-2017-2115 Incorrect Permission Assignment for Critical Resource vulnerability in Cybozu Office
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.
network
low complexity
cybozu CWE-732
4.3
4.3
2017-04-19 CVE-2017-7850 Incorrect Permission Assignment for Critical Resource vulnerability in Tenable Nessus
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.
local
low complexity
tenable CWE-732
7.8
7.8