Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-28 | CVE-2018-20008 | Incorrect Permission Assignment for Critical Resource vulnerability in Iball Ib-Wrb302N Firmware Ibwrb302N20122017 iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console. | 6.8 |
| 2019-05-23 | CVE-2019-4078 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories. | 7.8 |
| 2019-05-23 | CVE-2019-12042 | Incorrect Permission Assignment for Critical Resource vulnerability in Pandasecurity products Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system service AgentSvc.exe, which leads to privilege escalation when the CmdLineExecute event is queued. | 9.8 |
| 2019-05-22 | CVE-2019-10132 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. | 8.8 |
| 2019-05-22 | CVE-2019-12102 | Incorrect Permission Assignment for Critical Resource vulnerability in Kentico Kentico 11 through 12 lets attackers upload and explore files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabs_media.aspx URI. | 9.1 |
| 2019-05-21 | CVE-2019-12270 | Incorrect Permission Assignment for Critical Resource vulnerability in Opentext Brava! 16.3/16.4/7.5 OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. | 7.4 |
| 2019-05-17 | CVE-2019-0171 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Quartus II and Quartus Prime Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-05-17 | CVE-2019-0138 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel ACU Wizard 12.0.0.129 Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-05-17 | CVE-2019-0086 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-05-17 | CVE-2018-3701 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Proset/Wireless Wifi Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |