Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-24 | CVE-2018-14825 | Incorrect Permission Assignment for Critical Resource vulnerability in Honeywell products On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android OS 6.0, CT50 running Android OS 6.0, D75e running Android OS 6.0, CT50 running Android OS 4.4, D75e running Android OS 4.4, CN51 running Android OS 6.0, EDA50k running Android 4.4, EDA50 running Android OS 7.1, EDA50k running Android OS 7.1, EDA70 running Android OS 7.1, EDA60k running Android OS 7.1, and EDA51 running Android OS 8.1), a skilled attacker with advanced knowledge of the target system could exploit this vulnerability by creating an application that would successfully bind to the service and gain elevated system privileges. | 6.8 |
| 2018-09-21 | CVE-2018-11240 | Incorrect Permission Assignment for Critical Resource vulnerability in Softcase T-Router Firmware 20112017 An issue was discovered on SoftCase T-Router build 20112017 devices. | 10.0 |
| 2018-09-21 | CVE-2018-1711 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to to gain privileges due to allowing modification of columns of existing tasks. | 4.6 |
| 2018-09-20 | CVE-2018-11277 | Incorrect Permission Assignment for Critical Resource vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. | 4.6 |
| 2018-09-18 | CVE-2018-16958 | Incorrect Permission Assignment for Critical Resource vulnerability in Oracle Webcenter Interaction 10.3.3 An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. | 5.8 |
| 2018-09-14 | CVE-2018-17037 | Incorrect Permission Assignment for Critical Resource vulnerability in Ucms Project Ucms 1.4.6 user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3. | 6.5 |
| 2018-09-12 | CVE-2018-12168 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Computing Improvement Program Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access. | 7.2 |
| 2018-09-12 | CVE-2018-12162 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Openvino Toolkit Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access. | 4.6 |
| 2018-09-12 | CVE-2018-12148 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Driver & Support Assistant Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access. | 7.2 |
| 2018-09-12 | CVE-2018-15502 | Incorrect Permission Assignment for Critical Resource vulnerability in Lwolf Loading Docs 20180813 Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 allow remote attackers to download any confidential files via https requests for predictable URLs. | 5.0 |