Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-05 | CVE-2019-17388 | Incorrect Permission Assignment for Critical Resource vulnerability in Aviatrix VPN Client Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. | 7.8 |
| 2019-12-05 | CVE-2013-0326 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products OpenStack nova base images permissions are world readable | 5.5 |
| 2019-12-05 | CVE-2019-19522 | Incorrect Permission Assignment for Critical Resource vulnerability in Openbsd 6.6 OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. | 7.8 |
| 2019-12-03 | CVE-2019-19382 | Incorrect Permission Assignment for Critical Resource vulnerability in Maxpcsecure Anti Virus Plus 19.0.4.020 Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the installation directory. | 7.8 |
| 2019-11-29 | CVE-2019-5212 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei P20 Firmware There is an improper access control vulnerability in Huawei Share. | 5.5 |
| 2019-11-27 | CVE-2011-2515 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code. | 5.3 |
| 2019-11-27 | CVE-2012-6655 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords. | 3.3 |
| 2019-11-27 | CVE-2019-14812 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
| 2019-11-26 | CVE-2019-18456 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 8.17 through 12.4 in the Search feature provided by Elasticsearch integration.. | 5.3 |
| 2019-11-26 | CVE-2019-18453 | Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.6 through 12.4 in the add comments via email feature. | 4.3 |