Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-12 | CVE-2020-15250 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. | 5.5 |
| 2020-10-10 | CVE-2020-26932 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group) | 4.3 |
| 2020-10-09 | CVE-2020-15838 | Incorrect Permission Assignment for Critical Resource vulnerability in Connectwise Automate 2019.12/2020.0/2020.7 The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions. | 8.8 |
| 2020-10-08 | CVE-2020-9048 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A vulnerability in specified versions of American Dynamics victor Web Client and Software House CCURE Web Client could allow a remote unauthenticated attacker on the network to delete arbitrary files on the system or render the system unusable by conducting a Denial of Service attack. | 8.1 |
| 2020-10-05 | CVE-2020-12302 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Driver & Support Assistant Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-09-25 | CVE-2020-26106 | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558). | 7.5 |
| 2020-09-24 | CVE-2020-17365 | Incorrect Permission Assignment for Critical Resource vulnerability in Pango Hotspot Shield 10.0.1/10.3.0 Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-09-24 | CVE-2020-3503 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. | 6.0 |
| 2020-09-24 | CVE-2020-12842 | Incorrect Permission Assignment for Critical Resource vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. | 9.8 |
| 2020-09-24 | CVE-2020-12839 | Incorrect Permission Assignment for Critical Resource vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. | 9.8 |