Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-19	CVE-2019-19341	Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Ansible Tower 3.6.0/3.6.1 A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower' are left world-readable. local low complexity redhat CWE-732	5.5
2019-12-19	CVE-2019-8256	Incorrect Permission Assignment for Critical Resource vulnerability in Adobe Coldfusion 2018 ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default installation directory vulnerability. network low complexity adobe CWE-732 critical	9.8
2019-12-18	CVE-2019-19882	Incorrect Permission Assignment for Critical Resource vulnerability in Shadow Project Shadow 4.8 shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. local low complexity shadow-project CWE-732	7.8
2019-12-17	CVE-2019-19315	Incorrect Permission Assignment for Critical Resource vulnerability in Nalpeiron Licensing Service 7.3.4.0 NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and other products, allows Elevation of Privilege via the \\.\mailslot\nlsX86ccMailslot mailslot. local low complexity nalpeiron CWE-732	7.1
2019-12-06	CVE-2019-9464	Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0 In various functions of RecentLocationApps.java, DevicePolicyManagerService.java, and RecognitionService.java, there is an incorrect warning indicating an app accessed the user's location. local low complexity google CWE-732	5.5
2019-12-05	CVE-2019-17388	Incorrect Permission Assignment for Critical Resource vulnerability in Aviatrix VPN Client Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. local low complexity aviatrix CWE-732	7.8
2019-12-05	CVE-2013-0326	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products OpenStack nova base images permissions are world readable local low complexity openstack debian CWE-732	5.5
2019-12-05	CVE-2019-19522	Incorrect Permission Assignment for Critical Resource vulnerability in Openbsd 6.6 OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. local low complexity openbsd CWE-732	7.8
2019-12-03	CVE-2019-19382	Incorrect Permission Assignment for Critical Resource vulnerability in Maxpcsecure Anti Virus Plus 19.0.4.020 Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. local low complexity maxpcsecure CWE-732	7.8
2019-11-29	CVE-2019-5212	Incorrect Permission Assignment for Critical Resource vulnerability in Huawei P20 Firmware There is an improper access control vulnerability in Huawei Share. local low complexity huawei CWE-732	5.5