Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-3697 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Media Server Studio 2015/2016/2017 Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access. | 7.8 |
| 2018-11-13 | CVE-2018-2490 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client The broadcast messages received by SAP Fiori Client are not protected by permissions. | 7.8 |
| 2018-11-13 | CVE-2018-2489 | Incorrect Permission Assignment for Critical Resource vulnerability in SAP Fiori Client Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. | 7.8 |
| 2018-11-07 | CVE-2018-19072 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 5.5 |
| 2018-11-07 | CVE-2018-19071 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 7.8 |
| 2018-10-30 | CVE-2018-10712 | Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. | 7.8 |
| 2018-10-30 | CVE-2018-10710 | Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. | 7.1 |
| 2018-10-30 | CVE-2018-10709 | Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. | 7.8 |
| 2018-10-26 | CVE-2018-11951 | Incorrect Permission Assignment for Critical Resource vulnerability in Qualcomm SD 845 Firmware and SD 850 Firmware Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850. | 5.5 |
| 2018-10-26 | CVE-2018-18654 | Incorrect Permission Assignment for Critical Resource vulnerability in Debian Crossroads 2.81 Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. | 7.8 |