Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-13 | CVE-2021-25250 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Officescan An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. | 7.8 |
| 2021-03-18 | CVE-2020-26155 | Incorrect Permission Assignment for Critical Resource vulnerability in Utimaco products Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. | 7.8 |
| 2021-03-16 | CVE-2020-24263 | Incorrect Permission Assignment for Critical Resource vulnerability in Portainer Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead to remote arbitrary code execution. | 8.8 |
| 2021-03-15 | CVE-2021-28374 | Incorrect Permission Assignment for Critical Resource vulnerability in Debian Courier-Authlib and Debian Linux The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. | 7.5 |
| 2021-03-11 | CVE-2021-21364 | Incorrect Permission Assignment for Critical Resource vulnerability in Smartbear Swagger-Codegen swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. | 5.5 |
| 2021-03-10 | CVE-2021-0372 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 11.0 In getMediaOutputSliceAction of RemoteMediaSlice.java, there is a possible permission bypass due to an unsafe PendingIntent. | 7.8 |
| 2021-03-09 | CVE-2021-21177 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2021-02-18 | CVE-2019-18243 | Incorrect Permission Assignment for Critical Resource vulnerability in GE Ifix HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. | 5.5 |
| 2021-02-18 | CVE-2019-18255 | Incorrect Permission Assignment for Critical Resource vulnerability in GE Ifix HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. | 5.5 |
| 2021-02-17 | CVE-2021-0109 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Compute Stick Stk1A32Sc Firmware Insecure inherited permissions for the Intel(R) SOC driver package for STK1A32SC before version 604 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |