Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-05 | CVE-2018-10171 | Incorrect Permission Assignment for Critical Resource vulnerability in Kromtech Mackeeper 3.20.4 Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. | 9.8 |
| 2019-06-03 | CVE-2019-12373 | Incorrect Permission Assignment for Critical Resource vulnerability in Ivanti Landesk Management Suite 10.0.1.168 Improper access control and open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote disclosure of administrator passwords. | 9.0 |
| 2019-06-03 | CVE-2019-12589 | Incorrect Permission Assignment for Critical Resource vulnerability in Firejail Project Firejail In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker. | 8.8 |
| 2019-05-28 | CVE-2018-20008 | Incorrect Permission Assignment for Critical Resource vulnerability in Iball Ib-Wrb302N Firmware Ibwrb302N20122017 iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console. | 6.8 |
| 2019-05-23 | CVE-2019-4078 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. | 7.8 |
| 2019-05-23 | CVE-2019-12042 | Incorrect Permission Assignment for Critical Resource vulnerability in Pandasecurity products Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. | 9.8 |
| 2019-05-22 | CVE-2019-12102 | Incorrect Permission Assignment for Critical Resource vulnerability in Kentico Kentico 11 through 12 lets attackers upload and explore files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabs_media.aspx URI. | 9.1 |
| 2019-05-21 | CVE-2019-12270 | Incorrect Permission Assignment for Critical Resource vulnerability in Opentext Brava! 16.3/16.4/7.5 OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. | 7.4 |
| 2019-05-17 | CVE-2019-0171 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Quartus II and Quartus Prime Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-05-17 | CVE-2019-0138 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel ACU Wizard 12.0.0.129 Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |