Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2018-20906 | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430). | 4.3 |
| 2019-08-01 | CVE-2018-20905 | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429). | 5.4 |
| 2019-08-01 | CVE-2018-20904 | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427). | 4.3 |
| 2019-07-30 | CVE-2018-20871 | Incorrect Permission Assignment for Critical Resource vulnerability in Univa Grid Engine 8.6.3 In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890). | 9.8 |
| 2019-07-30 | CVE-2019-14395 | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494). | 3.3 |
| 2019-07-22 | CVE-2018-2024 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Qradar Security Information and Event Manager 7.2.0/7.3.0 IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 8.1 |
| 2019-07-19 | CVE-2019-1010101 | Incorrect Permission Assignment for Critical Resource vulnerability in Akeo Rufus Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. | 9.8 |
| 2019-07-17 | CVE-2019-5222 | Incorrect Permission Assignment for Critical Resource vulnerability in Huawei Honor Magic 2 Firmware 10.0.0.187(C00E61R2P11)/Tonyal00B/Tonytl00B9.0.0.182(C00E180R2P2) There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). | 5.5 |
| 2019-07-17 | CVE-2019-12876 | Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp products Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to System. | 7.3 |
| 2019-07-15 | CVE-2019-1010009 | Incorrect Permission Assignment for Critical Resource vulnerability in Dglogik Dglux Server DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. | 9.8 |