Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-32717 | Incorrect Permission Assignment for Critical Resource vulnerability in Shopware Shopware is an open source eCommerce platform. | 7.5 |
| 2021-06-24 | CVE-2020-4945 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM DB2 11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow an authenticated user to overwrite arbirary files due to improper group permissions. | 8.1 |
| 2021-06-22 | CVE-2021-0552 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 11.0 In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to an unsafe PendingIntent. | 5.5 |
| 2021-06-22 | CVE-2021-0570 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 11.0 In sendBugreportNotification of BugreportProgressService.java, there is a possible permission bypass due to an unsafe PendingIntent. | 7.8 |
| 2021-06-22 | CVE-2021-0572 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 11.0 In doNotification of AccountManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. | 5.5 |
| 2021-06-16 | CVE-2021-27483 | Incorrect Permission Assignment for Critical Resource vulnerability in Zoll Defibrillator Dashboard ZOLL Defibrillator Dashboard, v prior to 2.2,The affected products contain insecure filesystem permissions that could allow a lower privilege user to escalate privileges to an administrative level user. | 7.8 |
| 2021-06-11 | CVE-2021-0477 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In notifyScreenshotError of ScreenshotNotificationsController.java, there is a possible permission bypass due to an unsafe PendingIntent. | 7.8 |
| 2021-06-11 | CVE-2021-25393 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0 Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data. | 5.5 |
| 2021-06-10 | CVE-2021-23022 | Incorrect Permission Assignment for Critical Resource vulnerability in F5 products On version 7.2.1.x before 7.2.1.3 and 7.1.x before 7.1.9.9 Update 1, the BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. | 7.8 |
| 2021-06-10 | CVE-2021-31929 | Incorrect Permission Assignment for Critical Resource vulnerability in Annexcloud Loyalty Experience Platform Annex Cloud Loyalty Experience Platform <2021.1.0.1 allows any authenticated attacker to modify loyalty campaigns and settings, such as fraud prevention, coupon groups, email templates, or referrals. | 4.3 |