Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-08 | CVE-2018-17775 | Incorrect Permission Assignment for Critical Resource vulnerability in Seqrite END Point Security 7.4 Seqrite End Point Security v7.4 has "Everyone: (F)" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse. | 7.8 |
| 2018-10-08 | CVE-2018-1750 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 8.1 |
| 2018-10-05 | CVE-2018-11064 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell products Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. | 7.8 |
| 2018-10-05 | CVE-2018-15379 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Prime Infrastructure A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. | 9.8 |
| 2018-10-05 | CVE-2018-0422 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco products A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. | 7.3 |
| 2018-10-04 | CVE-2018-17872 | Incorrect Permission Assignment for Critical Resource vulnerability in Verint products Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions. | 8.8 |
| 2018-10-02 | CVE-2018-6261 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access. | 7.0 |
| 2018-10-01 | CVE-2018-1420 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. | 6.5 |
| 2018-09-28 | CVE-2018-17776 | Incorrect Permission Assignment for Critical Resource vulnerability in Pcprotect Antivirus 4.8.35 PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse. | 7.8 |
| 2018-09-26 | CVE-2018-16588 | Incorrect Permission Assignment for Critical Resource vulnerability in Suse Shadow 4.2.127.9.1/4.55.39 Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). | 7.8 |