Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-13	CVE-2019-8342	Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit Reader 3.1.0.0111 A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been discovered due to an incorrect permission set. local low complexity foxitsoftware CWE-732	4.6
2019-05-13	CVE-2018-4028	Incorrect Permission Assignment for Critical Resource vulnerability in Anker-In Roav Dashcam A1 Firmware 1.9 An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. network low complexity anker-in CWE-732	7.8
2019-05-13	CVE-2018-12296	Incorrect Permission Assignment for Critical Resource vulnerability in Seagate NAS OS 4.3.15.1 Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests. network low complexity seagate CWE-732	5.0
2019-05-06	CVE-2018-4073	Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. network low complexity sierrawireless CWE-732	6.5
2019-05-06	CVE-2018-4072	Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. network low complexity sierrawireless CWE-732	6.5
2019-04-30	CVE-2018-19374	Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Admanager Plus 6.6 Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory. local zohocorp CWE-732	6.9
2019-04-25	CVE-2018-14980	Incorrect Permission Assignment for Critical Resource vulnerability in Asus Zenfone 3 MAX Firmware The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains the android framework (i.e., system_server) with a package name of android (versionCode=24, versionName=7.0) that has been modified by ASUS or another entity in the supply chain. local low complexity asus CWE-732	3.6
2019-04-23	CVE-2019-10710	Incorrect Permission Assignment for Critical Resource vulnerability in Hisilicon Hi3510 Firmware Insecure permissions in the Web management portal on all IP cameras based on Hisilicon Hi3510 firmware allow authenticated attackers to receive a network's cleartext WiFi credentials via a specific HTTP request. network low complexity hisilicon CWE-732	4.0
2019-04-17	CVE-2018-18094	Incorrect Permission Assignment for Critical Resource vulnerability in Intel Media SDK 2017/2018 Improper directory permissions in installer for Intel(R) Media SDK before 2018 R2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel CWE-732	4.6
2019-04-12	CVE-2018-6269	Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Jetson TX2 R28.1/R28.2.1 NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code execution. local low complexity nvidia CWE-732	4.6