Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-0556 | Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel AP Configurator 1.1.4 A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator. | 7.8 |
| 2022-04-06 | CVE-2022-26250 | Incorrect Permission Assignment for Critical Resource vulnerability in Synametrics Synaman Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges. | 7.8 |
| 2022-04-05 | CVE-2022-26281 | Incorrect Permission Assignment for Critical Resource vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. | 7.5 |
| 2022-03-30 | CVE-2022-23869 | Incorrect Permission Assignment for Critical Resource vulnerability in Ruoyi 4.7.2 In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of user test3, but the password of user test3 can be reset through the /system/user/resetPwd request. | 6.5 |
| 2022-03-29 | CVE-2022-22941 | Incorrect Permission Assignment for Critical Resource vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. | 8.8 |
| 2022-03-22 | CVE-2022-0652 | Incorrect Permission Assignment for Critical Resource vulnerability in Sophos Unified Threat Management Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. | 7.8 |
| 2022-03-21 | CVE-2022-24236 | Incorrect Permission Assignment for Critical Resource vulnerability in Snapt Aria 12.8 An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts. | 3.5 |
| 2022-03-20 | CVE-2022-26247 | Incorrect Permission Assignment for Critical Resource vulnerability in Teamwork Management System Project Teamwork Management System 2.28.0 TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user/Update2. | 5.9 |
| 2022-03-17 | CVE-2022-26526 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Anaconda Anaconda3 (Anaconda Distribution) through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. | 7.8 |
| 2022-03-11 | CVE-2022-21819 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson Linux NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. | 7.6 |