Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-15 | CVE-2020-7050 | Incorrect Permission Assignment for Critical Resource vulnerability in Codologic Codoforum 2.5.1/4.8.3/4.8.4 Codologic Codoforum through 4.8.4 allows a DOM-based XSS. | 5.4 |
| 2020-02-14 | CVE-2019-11215 | Incorrect Permission Assignment for Critical Resource vulnerability in Combodo Itop In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. | 8.1 |
| 2020-02-13 | CVE-2020-0563 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Manycore Platform Software Stack Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-02-13 | CVE-2020-7051 | Incorrect Permission Assignment for Critical Resource vulnerability in Codologic Codoforum 2.5.1/4.8.3/4.8.4 Codologic Codoforum through 4.8.4 allows stored XSS in the login area. | 6.1 |
| 2020-02-11 | CVE-2020-0668 | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-02-10 | CVE-2019-13321 | Incorrect Permission Assignment for Critical Resource vulnerability in MI Browser This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0. | 8.0 |
| 2020-02-04 | CVE-2011-4912 | Incorrect Permission Assignment for Critical Resource vulnerability in Joomla Joomla! Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. | 5.3 |
| 2020-01-30 | CVE-2019-20358 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Anti-Threat Toolkit 1.62.0.1218 Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. | 7.8 |
| 2020-01-29 | CVE-2019-7656 | Incorrect Permission Assignment for Critical Resource vulnerability in Wowza Streaming Engine A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. | 7.8 |
| 2020-01-24 | CVE-2019-19363 | Incorrect Permission Assignment for Critical Resource vulnerability in Ricoh products An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to 2020 that allows attackers local privilege escalation. | 7.8 |