Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-20399 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. | 5.5 |
| 2022-09-13 | CVE-2022-39207 | Incorrect Permission Assignment for Critical Resource vulnerability in Onedev Project Onedev Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. | 5.4 |
| 2022-09-06 | CVE-2022-36670 | Incorrect Permission Assignment for Critical Resource vulnerability in Pcprotect Endpoint PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable. | 6.7 |
| 2022-09-06 | CVE-2022-37771 | Incorrect Permission Assignment for Critical Resource vulnerability in Iobit Malware Fighter 9.2 IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable. | 6.7 |
| 2022-09-02 | CVE-2022-38170 | Incorrect Permission Assignment for Critical Resource vulnerability in Apache Airflow In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the `--daemon` flag which could result in a race condition giving world-writable files in the Airflow home directory and allowing local users to expose arbitrary file contents via the webserver. | 4.7 |
| 2022-09-01 | CVE-2022-37435 | Incorrect Permission Assignment for Critical Resource vulnerability in Apache Shenyu 2.4.2/2.4.3 Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. | 8.8 |
| 2022-08-22 | CVE-2022-32777 | Incorrect Permission Assignment for Critical Resource vulnerability in Wwbn Avideo 11.6 An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. | 7.5 |
| 2022-08-22 | CVE-2022-32778 | Incorrect Permission Assignment for Critical Resource vulnerability in Wwbn Avideo 11.6 An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. | 7.5 |
| 2022-08-22 | CVE-2020-27836 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform 4.6 A flaw was found in cluster-ingress-operator. | 9.8 |
| 2022-08-19 | CVE-2022-35167 | Incorrect Permission Assignment for Critical Resource vulnerability in Prinitix Cloud Print Management 1.3.1149.0 Printix Cloud Print Management v1.3.1149.0 for Windows was discovered to contain insecure permissions. | 8.8 |