Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-29 | CVE-2020-27658 | Incorrect Permission Assignment for Critical Resource vulnerability in Synology Router Manager Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 6.1 |
| 2020-10-28 | CVE-2020-26133 | Incorrect Permission Assignment for Critical Resource vulnerability in Dual Dhcp DNS Server Project Dual Dhcp DNS Server 7.40 An issue was discovered in Dual DHCP DNS Server 7.40. | 7.8 |
| 2020-10-28 | CVE-2020-26132 | Incorrect Permission Assignment for Critical Resource vulnerability in Home DNS Server Project Home DNS Server 0.10 An issue was discovered in Home DNS Server 0.10. | 7.8 |
| 2020-10-28 | CVE-2020-26131 | Incorrect Permission Assignment for Critical Resource vulnerability in Open Dhcp Server Project Open Dhcp Server 0.1/1.75 Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. | 7.8 |
| 2020-10-28 | CVE-2020-26130 | Incorrect Permission Assignment for Critical Resource vulnerability in Open Tftp Server Project Open Tftp Server 1.66 Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. | 7.8 |
| 2020-10-21 | CVE-2020-10140 | Incorrect Permission Assignment for Critical Resource vulnerability in Acronis True Image 2021 Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. | 7.3 |
| 2020-10-19 | CVE-2020-15910 | Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds N-Central 12.3 SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly. | 4.7 |
| 2020-10-14 | CVE-2020-0410 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error. | 5.5 |
| 2020-10-13 | CVE-2020-17415 | Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit Reader This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF 10.0.0.35798. | 7.8 |
| 2020-10-13 | CVE-2020-17414 | Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit Reader This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. | 7.8 |