Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2021-22148 | Incorrect Permission Assignment for Critical Resource vulnerability in Elastic Enterprise Search Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound to the same engines as their creator. | 8.8 |
| 2021-09-15 | CVE-2021-26434 | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Visual Studio 2017 Visual Studio Elevation of Privilege Vulnerability | 7.8 |
| 2021-09-15 | CVE-2021-3706 | Incorrect Permission Assignment for Critical Resource vulnerability in Pi-Hole web Interface adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag | 7.5 |
| 2021-09-01 | CVE-2021-35508 | Incorrect Permission Assignment for Critical Resource vulnerability in Terarecon Aquariusnet 4.4.13 NMSAccess32.exe in TeraRecon AQNetClient 4.4.13 allows attackers to execute a malicious binary with SYSTEM privileges via a low-privileged user account. | 8.8 |
| 2021-08-30 | CVE-2020-18121 | Incorrect Permission Assignment for Critical Resource vulnerability in Indexhibit 2.1.5 A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell. | 8.8 |
| 2021-08-29 | CVE-2021-38154 | Incorrect Permission Assignment for Critical Resource vulnerability in Canon - Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250), when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. | 7.5 |
| 2021-08-24 | CVE-2021-30964 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple products An inherited permissions issue was addressed with additional restrictions. | 5.5 |
| 2021-08-24 | CVE-2021-30892 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple mac OS X An inherited permissions issue was addressed with additional restrictions. | 5.5 |
| 2021-08-24 | CVE-2021-30920 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Macos A permissions issue was addressed with improved validation. | 5.5 |
| 2021-08-24 | CVE-2021-38557 | Incorrect Permission Assignment for Critical Resource vulnerability in Raspap 2.6.6 raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. | 8.8 |