Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-03 | CVE-2021-30577 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file. | 7.8 |
| 2021-07-20 | CVE-2021-32463 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Worry-Free Business Security An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations. | 7.8 |
| 2021-07-19 | CVE-2021-32760 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products containerd is a container runtime. | 6.3 |
| 2021-07-19 | CVE-2021-35449 | Incorrect Permission Assignment for Critical Resource vulnerability in Lexmark products The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driver 2.7.1.0 and below, G3 driver 3.2.0.0 and below, and G4 driver 4.2.1.0 and below are affected by a privilege escalation vulnerability. | 7.8 |
| 2021-07-15 | CVE-2021-25318 | Incorrect Permission Assignment for Critical Resource vulnerability in Rancher A Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. | 8.8 |
| 2021-07-14 | CVE-2021-31859 | Incorrect Permission Assignment for Critical Resource vulnerability in Ysoft Safeq 6.0.55 Incorrect privileges in the MU55 FlexiSpooler service in YSoft SafeQ 6 6.0.55 allows local user privilege escalation by overwriting the executable file via an alternative data stream. | 7.8 |
| 2021-07-14 | CVE-2020-0417 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/8.1/9.0 In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. | 7.8 |
| 2021-07-13 | CVE-2021-20423 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cloud PAK for Applications IBM Cloud Pak for Applications 4.3 could allow an authenticated user gain escalated privilesges due to improper application permissions. | 8.8 |
| 2021-07-13 | CVE-2021-31894 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens products A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). | 8.8 |
| 2021-07-12 | CVE-2021-22921 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. | 7.8 |