Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2020-09-24 CVE-2020-12838 Incorrect Permission Assignment for Critical Resource vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.
network
low complexity
gogogate CWE-732
critical
 9.8
9.8
2020-09-23 CVE-2020-25826 Incorrect Permission Assignment for Critical Resource vulnerability in Pingidentity Pingid Integration for Windows Login
PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe.
local
low complexity
pingidentity CWE-732
7.8
7.8
2020-09-22 CVE-2020-16202 Incorrect Permission Assignment for Critical Resource vulnerability in Advantech Webaccess
WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges.
local
low complexity
advantech CWE-732
7.8
7.8
2020-09-22 CVE-2020-11855 Incorrect Permission Assignment for Critical Resource vulnerability in Microfocus Operation Bridge Reporter
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier.
local
low complexity
microfocus CWE-732
7.8
7.8
2020-09-18 CVE-2020-15776 Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Enterprise
An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4.
network
low complexity
gradle CWE-732
8.8
8.8
2020-09-16 CVE-2020-1694 Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Keycloak
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience.
network
low complexity
redhat CWE-732
4.9
4.9
2020-09-16 CVE-2014-10402 Incorrect Permission Assignment for Critical Resource vulnerability in Perl DBI
An issue was discovered in the DBI module through 1.643 for Perl.
local
low complexity
perl CWE-732
6.1
6.1
2020-09-16 CVE-2020-10781 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory.
local
low complexity
linux debian CWE-732
5.5
5.5
2020-09-11 CVE-2014-10401 Incorrect Permission Assignment for Critical Resource vulnerability in Perl DBI
An issue was discovered in the DBI module before 1.632 for Perl.
local
low complexity
perl CWE-732
6.1
6.1
2020-09-10 CVE-2020-7314 Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Agent
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.
local
low complexity
mcafee CWE-732
7.8
7.8