Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-04 | CVE-2021-29396 | Incorrect Permission Assignment for Critical Resource vulnerability in Globalnorthstar Northstar Club Management 6.3 Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use various functionalities without authentication. | 9.8 |
| 2022-01-20 | CVE-2022-0277 | Incorrect Permission Assignment for Critical Resource vulnerability in Microweber Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11. | 6.5 |
| 2022-01-18 | CVE-2022-21694 | Incorrect Permission Assignment for Critical Resource vulnerability in Onionshare OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. | 5.3 |
| 2022-01-18 | CVE-2021-22566 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Fuchsia An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. | 9.8 |
| 2022-01-14 | CVE-2021-39621 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. | 7.8 |
| 2022-01-14 | CVE-2021-39627 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. | 7.8 |
| 2022-01-13 | CVE-2022-22988 | Incorrect Permission Assignment for Critical Resource vulnerability in Westerndigital Edgerover 0.25 File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. | 9.1 |
| 2022-01-13 | CVE-2022-23132 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. | 7.3 |
| 2021-12-30 | CVE-2021-20172 | Incorrect Permission Assignment for Critical Resource vulnerability in Netgear Genie Installer All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. | 7.8 |
| 2021-12-30 | CVE-2021-44466 | Incorrect Permission Assignment for Critical Resource vulnerability in Leap Bitmask Riseup VPN 0.21.6 Bitmask Riseup VPN 0.21.6 contains a local privilege escalation flaw due to improper access controls. | 7.3 |