Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2019-03-07 CVE-2019-1596 Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Nx-Os
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root.
local
low complexity
cisco CWE-732
7.8
7.8
2019-03-01 CVE-2018-20798 Incorrect Permission Assignment for Critical Resource vulnerability in Netgate Pfsense 2.4.4
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions.
network
low complexity
netgate CWE-732
7.5
7.5
2019-02-28 CVE-2018-18495 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions.
network
low complexity
mozilla canonical CWE-732
6.5
6.5
2019-02-28 CVE-2018-12396 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events.
network
low complexity
mozilla debian canonical redhat CWE-732
6.5
6.5
2019-02-28 CVE-2019-2001 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
The permissions on /proc/iomem were world-readable.
local
low complexity
google CWE-732
5.5
5.5
2019-02-22 CVE-2019-7729 Incorrect Permission Assignment for Critical Resource vulnerability in Bosch Smart Camera
An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android.
local
low complexity
bosch CWE-732
3.3
3.3
2019-02-19 CVE-2018-9867 Incorrect Permission Assignment for Critical Resource vulnerability in Sonicwall Sonicos and Sonicosv
In SonicWall SonicOS, administrators without full permissions can download imported certificates.
local
low complexity
sonicwall CWE-732
5.5
5.5
2019-02-18 CVE-2019-0111 Incorrect Permission Assignment for Critical Resource vulnerability in Intel Data Center Manager
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-732
5.5
5.5
2019-02-18 CVE-2019-0108 Incorrect Permission Assignment for Critical Resource vulnerability in Intel Data Center Manager
Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable disclosure of information via local access.
local
low complexity
intel CWE-732
5.5
5.5
2019-01-29 CVE-2018-10612 Incorrect Permission Assignment for Critical Resource vulnerability in Codesys products
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.
network
low complexity
codesys CWE-732
critical
 9.8
9.8