Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-10 | CVE-2019-13321 | Incorrect Permission Assignment for Critical Resource vulnerability in MI Browser This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0. | 8.0 |
| 2020-02-04 | CVE-2011-4912 | Incorrect Permission Assignment for Critical Resource vulnerability in Joomla Joomla! Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. | 5.3 |
| 2020-01-30 | CVE-2019-20358 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 7.8 |
| 2020-01-29 | CVE-2019-7656 | Incorrect Permission Assignment for Critical Resource vulnerability in Wowza Streaming Engine A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. | 7.8 |
| 2020-01-24 | CVE-2019-19363 | Incorrect Permission Assignment for Critical Resource vulnerability in Ricoh products An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. | 7.8 |
| 2020-01-23 | CVE-2019-19895 | Incorrect Permission Assignment for Critical Resource vulnerability in Ixpdata Easyinstall 6.2.13723 In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Agent Service) against other users on a client system. | 7.8 |
| 2020-01-23 | CVE-2019-19894 | Incorrect Permission Assignment for Critical Resource vulnerability in Ixpdata Easyinstall 6.2.13723 In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system. | 5.5 |
| 2020-01-23 | CVE-2012-2087 | Incorrect Permission Assignment for Critical Resource vulnerability in Ispconfig 3.0.4.3 ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client interface. | 9.8 |
| 2020-01-17 | CVE-2019-14629 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Data Analytics Acceleration Library Improper permissions in Intel(R) DAAL before version 2020 Gold may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2020-01-17 | CVE-2019-3683 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. | 8.8 |