Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-24 | CVE-2022-24769 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Moby is an open-source project created by Docker to enable and accelerate software containerization. | 5.9 |
| 2022-03-22 | CVE-2022-0652 | Incorrect Permission Assignment for Critical Resource vulnerability in Sophos Unified Threat Management Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. | 7.8 |
| 2022-03-21 | CVE-2022-24236 | Incorrect Permission Assignment for Critical Resource vulnerability in Snapt Aria 12.8 An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts. | 3.5 |
| 2022-03-20 | CVE-2022-26247 | Incorrect Permission Assignment for Critical Resource vulnerability in Teamwork Management System Project Teamwork Management System 2.28.0 TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user/Update2. | 5.9 |
| 2022-03-17 | CVE-2022-26526 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Anaconda Anaconda3 (Anaconda Distribution) through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. | 7.8 |
| 2022-03-16 | CVE-2022-21946 | Incorrect Permission Assignment for Critical Resource vulnerability in Opensuse Cscreen 1.2/1.3 A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. | 5.3 |
| 2022-03-11 | CVE-2022-21819 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson Linux NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. | 7.6 |
| 2022-03-11 | CVE-2022-22148 | Incorrect Permission Assignment for Critical Resource vulnerability in Yokogawa products 'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. | 7.8 |
| 2022-03-10 | CVE-2021-42855 | Incorrect Permission Assignment for Critical Resource vulnerability in Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0/11.0.0/12.0.0 It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-configured commands. | 7.8 |
| 2022-03-07 | CVE-2021-4199 | Incorrect Permission Assignment for Critical Resource vulnerability in Bitdefender products Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. | 7.8 |