Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-27 | CVE-2018-11907 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue. | 7.2 |
| 2018-11-26 | CVE-2018-13321 | Incorrect Permission Assignment for Critical Resource vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10 Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to call dangerous internal functions via the "method" parameter. | 6.5 |
| 2018-11-20 | CVE-2018-18561 | Incorrect Permission Assignment for Critical Resource vulnerability in Roche products An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. | 7.7 |
| 2018-11-15 | CVE-2018-14934 | Incorrect Permission Assignment for Critical Resource vulnerability in Polycom Trio 8500 Firmware The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. | 3.3 |
| 2018-11-14 | CVE-2018-6057 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page. | 8.8 |
| 2018-11-14 | CVE-2018-3697 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Media Server Studio 2015/2016/2017 Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access. | 4.6 |
| 2018-11-13 | CVE-2018-2490 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client The broadcast messages received by SAP Fiori Client are not protected by permissions. | 6.8 |
| 2018-11-13 | CVE-2018-2489 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. | 6.8 |
| 2018-11-07 | CVE-2018-19072 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 3.6 |
| 2018-11-07 | CVE-2018-19071 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 4.6 |