Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE | CVE | VULNERABILITY TITLE | RISK

2019-06-07 | CVE-2019-12777 | Incorrect Permission Assignment for Critical Resource vulnerability in Enttec products
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482.
local | low complexity | enttec | CWE-732 | 7.2

2019-06-07 | CVE-2019-8283 | Incorrect Permission Assignment for Critical Resource vulnerability in Gemalto Sentinel LDK
Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have 'HttpOnly' flag.
network | gemalto | CWE-732 | 4.3

2019-06-05 | CVE-2018-10171 | Incorrect Permission Assignment for Critical Resource vulnerability in Kromtech Mackeeper 3.20.4
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component.
network | low complexity | kromtech | CWE-732 | critical | 10.0

2019-06-03 | CVE-2019-12373 | Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Landesk Management Suite 10.0.1.168
Improper access control and open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote disclosure of administrator passwords.
low complexity | ivanti | CWE-732 | 2.7

2019-06-03 | CVE-2019-12589 | Incorrect Permission Assignment for Critical Resource vulnerability in Firejail Project Firejail
In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker.
local | low complexity | firejail-project | CWE-732 | 8.8

2019-05-28 | CVE-2018-20008 | Incorrect Permission Assignment for Critical Resource vulnerability in Iball Ib-Wrb302N Firmware Ibwrb302N20122017
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console.
local | low complexity | iball | CWE-732 | 2.1

2019-05-23 | CVE-2019-4078 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories.
local | low complexity | ibm | CWE-732 | 7.8

2019-05-23 | CVE-2019-12042 | Incorrect Permission Assignment for Critical Resource vulnerability in Pandasecurity products
Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued.
network | low complexity | pandasecurity | CWE-732 | critical | 10.0

2019-05-22 | CVE-2019-10132 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units.
network | low complexity | redhat fedoraproject | CWE-732 | 8.8

2019-05-22 | CVE-2019-12102 | Incorrect Permission Assignment for Critical Resource vulnerability in Kentico
Kentico 11 through 12 lets attackers upload and explore files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabs_media.aspx URI.
network | low complexity | kentico | CWE-732 | critical | 9.1