Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-25191 | Incorrect Permission Assignment for Critical Resource vulnerability in NI Compactrio Firmware Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely. | 7.5 |
| 2020-12-10 | CVE-2020-8908 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). | 3.3 |
| 2020-11-30 | CVE-2020-4625 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. | 5.3 |
| 2020-11-25 | CVE-2020-29074 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user. | 8.8 |
| 2020-11-19 | CVE-2020-11831 | Incorrect Permission Assignment for Critical Resource vulnerability in Oppo Ovoicemanager 2.0.1 OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1. | 9.8 |
| 2020-11-17 | CVE-2020-28914 | Incorrect Permission Assignment for Critical Resource vulnerability in Katacontainers Kata-Containers An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. | 7.1 |
| 2020-11-12 | CVE-2020-24525 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2019-11121 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Media SDK 2018 Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version 2019 R1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-10 | CVE-2020-24367 | Incorrect Permission Assignment for Critical Resource vulnerability in Bluestacks Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user. | 7.8 |
| 2020-11-10 | CVE-2020-28055 | Incorrect Permission Assignment for Critical Resource vulnerability in TCL products A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a malicious App, to read & write to the /data/vendor/tcl, /data/vendor/upgrade, and /var/TerminalManager directories within the TV file system. | 7.8 |