Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-28 | CVE-2018-14987 | Incorrect Permission Assignment for Critical Resource vulnerability in MXQ Project MXQ TV BOX Firmware 4.4.2 The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, versionName=4.4.2-20170213) that dynamically registers a broadcast receiver app component named com.android.server.MasterClearReceiver instead of statically registering it in the AndroidManifest.xml file of the core Android package, as done in Android Open Source Project (AOSP) code for Android 4.4.2. | 7.1 |
| 2018-12-28 | CVE-2018-20567 | Incorrect Permission Assignment for Critical Resource vulnerability in Douco Douphp 1.5 An issue was discovered in DouCo DouPHP 1.5 20181221. | 5.3 |
| 2018-12-24 | CVE-2018-20420 | Incorrect Permission Assignment for Critical Resource vulnerability in Weberp 4.15 In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter. | 4.9 |
| 2018-12-21 | CVE-2018-18332 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations. | 7.5 |
| 2018-12-21 | CVE-2018-18331 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations. | 7.5 |
| 2018-12-20 | CVE-2018-11964 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue. | 7.8 |
| 2018-12-18 | CVE-2018-6978 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Vrealize Operations vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts. | 6.7 |
| 2018-12-14 | CVE-2018-3705 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel System Defense Utility Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access. | 5.5 |
| 2018-12-14 | CVE-2018-3704 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Parallel Studio and Parallel Studio XE Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access. | 7.8 |
| 2018-12-14 | CVE-2018-18097 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Solid State Drive Toolbox 3.4.3/3.5.3.0/3.5.5 Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |