Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-15 | CVE-2020-3961 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Horizon Client VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. | 7.8 |
| 2020-06-11 | CVE-2020-11613 | Incorrect Permission Assignment for Critical Resource vulnerability in Mids' Reborn Hero Designer Project Mids' Reborn Hero Designer 2.6.0.7 Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. | 7.8 |
| 2020-06-09 | CVE-2020-1170 | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-06-08 | CVE-2020-13866 | Incorrect Permission Assignment for Critical Resource vulnerability in Qbik Wingate 9.4.1.5998 WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse. | 7.8 |
| 2020-06-07 | CVE-2020-13912 | Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds Advanced Monitoring Agent 10.8.8 SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file. | 7.3 |
| 2020-05-27 | CVE-2020-13386 | Incorrect Permission Assignment for Critical Resource vulnerability in Smartdraw 2020 27.0.0.0 In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. | 7.3 |
| 2020-05-21 | CVE-2020-12431 | Incorrect Permission Assignment for Critical Resource vulnerability in Splashtop Software Updater and Streamer A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. | 6.6 |
| 2020-05-13 | CVE-2020-12831 | Incorrect Permission Assignment for Critical Resource vulnerability in Linuxfoundation Free Range Routing An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. | 5.3 |
| 2020-05-12 | CVE-2020-8153 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name. | 8.1 |
| 2020-05-07 | CVE-2020-5895 | Incorrect Permission Assignment for Critical Resource vulnerability in F5 Nginx Controller 3.1.0/3.2.0/3.3.0 On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on its socket, which allows processes or users on the local system to write arbitrary data into the socket. | 7.8 |