Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-34758 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition. | 3.3 |
| 2021-10-06 | CVE-2021-20264 | Incorrect Permission Assignment for Critical Resource vulnerability in Oracle Openjdk 1.8.0/11 An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. | 7.8 |
| 2021-10-06 | CVE-2021-0692 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0/9.0 In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. | 7.8 |
| 2021-10-04 | CVE-2021-39868 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export. | 4.3 |
| 2021-09-30 | CVE-2021-35202 | Incorrect Permission Assignment for Critical Resource vulnerability in Netscout Ngeniusone 6.3.0 NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. | 4.3 |
| 2021-09-27 | CVE-2021-34409 | Incorrect Permission Assignment for Critical Resource vulnerability in Zoom Meetings, Rooms and Screen Sharing It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and post- installation shell scripts to a user-writable directory. | 7.8 |
| 2021-09-27 | CVE-2021-34410 | Incorrect Permission Assignment for Critical Resource vulnerability in Zoom Plugin for Microsoft Outlook A user-writable application bundle unpacked during the install for all versions of the Zoom Plugin for Microsoft Outlook for Mac before 5.0.25611.0521 allows for privilege escalation to root. | 7.8 |
| 2021-09-16 | CVE-2021-40066 | Incorrect Permission Assignment for Critical Resource vulnerability in Netmotionsoftware Mobility The access controls on the Mobility read-only API improperly validate user access permissions. | 5.3 |
| 2021-09-16 | CVE-2021-40067 | Incorrect Permission Assignment for Critical Resource vulnerability in Netmotionsoftware Mobility The access controls on the Mobility read-write API improperly validate user access permissions; this API is disabled by default. | 6.8 |
| 2021-09-15 | CVE-2021-39210 | Incorrect Permission Assignment for Critical Resource vulnerability in Glpi-Project Glpi GLPI is a free Asset and IT management software package. | 6.5 |