Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-15 | CVE-2017-9606 | Incorrect Permission Assignment for Critical Resource vulnerability in Infotecs Vipnet Client and Vipnet Coordinator Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. | 7.3 |
| 2017-06-07 | CVE-2017-7563 | Incorrect Permission Assignment for Critical Resource vulnerability in ARM Trusted Firmware In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. | 8.1 |
| 2017-06-06 | CVE-2017-9462 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. | 8.8 |
| 2017-05-27 | CVE-2017-7337 | Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Fortiportal An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen session and CSRF tokens or the adomName parameter in the /fpc/sec/customer/policy/getAdomVersion request. | 9.1 |
| 2017-05-21 | CVE-2017-9136 | Incorrect Permission Assignment for Critical Resource vulnerability in Mimosa Backhaul Radios and Client Radios An issue was discovered on Mimosa Client Radios before 2.2.3. | 7.5 |
| 2017-05-19 | CVE-2017-9079 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. | 4.7 |
| 2017-05-17 | CVE-2017-7493 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. | 7.8 |
| 2017-05-12 | CVE-2017-0601 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via bluetooth without user permission. | 5.5 |
| 2017-05-12 | CVE-2017-0593 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. | 7.8 |
| 2017-05-09 | CVE-2017-8858 | Incorrect Permission Assignment for Critical Resource vulnerability in Veritas Netbackup and Netbackup Appliance In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is unauthenticated privileged remote file write using the 'bprd' process. | 9.8 |