Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-11 | CVE-2019-11167 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Smart Connect Technology Improper file permission in software installer for Intel(R) Smart Connect Technology for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-10-10 | CVE-2019-11528 | Incorrect Permission Assignment for Critical Resource vulnerability in Softing Uagate SI Firmware 1.60.01 An issue was discovered in Softing uaGate SI 1.60.01. | 7.5 |
| 2019-10-10 | CVE-2019-11526 | Incorrect Permission Assignment for Critical Resource vulnerability in Softing Uagate SI Firmware 1.60.01 An issue was discovered in Softing uaGate SI 1.60.01. | 9.8 |
| 2019-10-10 | CVE-2019-1378 | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Windows 10 Update Assistant An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows 10 Update Assistant Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-10-09 | CVE-2019-3765 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell products Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. | 8.1 |
| 2019-10-09 | CVE-2019-6465 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. | 5.3 |
| 2019-10-07 | CVE-2015-9456 | Incorrect Permission Assignment for Critical Resource vulnerability in Orbisius Child Theme Creator The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter. | 6.5 |
| 2019-09-30 | CVE-2019-17051 | Incorrect Permission Assignment for Critical Resource vulnerability in Evernote Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file. | 7.8 |
| 2019-09-27 | CVE-2019-9378 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0 In the Activity Manager service, there is a possible permission bypass due to incorrect permission check. | 7.8 |
| 2019-09-25 | CVE-2019-12245 | Incorrect Permission Assignment for Critical Resource vulnerability in Silverstripe SilverStripe through 4.3.3 has incorrect access control for protected files uploaded via Upload::loadIntoFile(). | 5.3 |