Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-24 | CVE-2018-20420 | Incorrect Permission Assignment for Critical Resource vulnerability in Weberp 4.15 In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter. | 4.9 |
| 2018-12-21 | CVE-2018-18332 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations. | 7.5 |
| 2018-12-21 | CVE-2018-18331 | Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations. | 7.5 |
| 2018-12-20 | CVE-2018-11964 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue. | 7.8 |
| 2018-12-18 | CVE-2018-6978 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Vrealize Operations vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts. | 6.7 |
| 2018-12-14 | CVE-2018-3705 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel System Defense Utility Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access. | 5.5 |
| 2018-12-14 | CVE-2018-3704 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Parallel Studio and Parallel Studio XE Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access. | 7.8 |
| 2018-12-14 | CVE-2018-18097 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Solid State Drive Toolbox 3.4.3/3.5.3.0/3.5.5 Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2018-12-14 | CVE-2018-18093 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Vtune Amplifier 2017/2018 Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access. | 7.8 |
| 2018-12-13 | CVE-2018-20145 | Incorrect Permission Assignment for Critical Resource vulnerability in Eclipse Mosquitto Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored. | 7.5 |