Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-20 | CVE-2018-11964 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue. | 7.2 |
| 2018-12-18 | CVE-2018-6978 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Vrealize Operations 6.6.0/6.6.1/6.7.0 vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts. | 7.2 |
| 2018-12-14 | CVE-2018-3705 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel System Defense Utility Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access. | 2.1 |
| 2018-12-14 | CVE-2018-3704 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Parallel Studio and Parallel Studio XE Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access. | 4.6 |
| 2018-12-14 | CVE-2018-18097 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Solid State Drive Toolbox Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2018-12-14 | CVE-2018-18093 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Vtune Amplifier 2018 Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access. | 4.6 |
| 2018-12-13 | CVE-2018-20145 | Incorrect Permission Assignment for Critical Resource vulnerability in Eclipse Mosquitto Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored. | 5.0 |
| 2018-12-11 | CVE-2018-18352 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page. | 6.5 |
| 2018-12-11 | CVE-2018-18349 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. | 6.5 |
| 2018-12-06 | CVE-2018-6755 | Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee True KEY Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. | 7.8 |