Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-16 | CVE-2019-20327 | Incorrect Permission Assignment for Critical Resource vulnerability in Centreon Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. | 7.8 |
| 2020-01-14 | CVE-2019-16784 | Incorrect Permission Assignment for Critical Resource vulnerability in Pyinstaller In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in "onefile" mode is launched by a privileged user (at least more than the current one) which have his "TempPath" resolving to a world writable directory. | 7.8 |
| 2020-01-13 | CVE-2019-19727 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. | 5.5 |
| 2020-01-03 | CVE-2019-19263 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions. | 4.3 |
| 2020-01-03 | CVE-2019-19262 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions. | 4.3 |
| 2020-01-03 | CVE-2019-19087 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 2 of 2). | 4.3 |
| 2020-01-03 | CVE-2019-19086 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue 1 of 2). | 4.3 |
| 2019-12-30 | CVE-2019-19736 | Incorrect Permission Assignment for Critical Resource vulnerability in Mfscripts Yetishare MFScripts YetiShare 3.5.2 through 4.5.3 does not set the HttpOnly flag on session cookies, allowing the cookie to be read by script, which can potentially be used by attackers to obtain the cookie via cross-site scripting. | 6.1 |
| 2019-12-23 | CVE-2019-3467 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals. | 7.8 |
| 2019-12-19 | CVE-2019-19915 | Incorrect Permission Assignment for Critical Resource vulnerability in Webfactoryltd 301 Redirects The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for WordPress allows users (with subscriber or greater access) to modify, delete, or inject redirect rules, and exploit XSS, with the /admin-ajax.php?action=eps_redirect_save and /admin-ajax.php?action=eps_redirect_delete actions. | 9.0 |