Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2018-11-27 CVE-2018-11913 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of dev nodes may lead to potential security issue.
local
low complexity
google CWE-732
7.8
7.8
2018-11-27 CVE-2018-11910 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /persist/ which presents a potential issue.
local
low complexity
google CWE-732
7.8
7.8
2018-11-27 CVE-2018-11909 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /cache/ which presents a potential issue.
local
low complexity
google CWE-732
7.8
7.8
2018-11-27 CVE-2018-11908 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /data/ which presents a potential issue.
local
low complexity
google CWE-732
7.8
7.8
2018-11-27 CVE-2018-11907 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue.
local
low complexity
google CWE-732
7.8
7.8
2018-11-26 CVE-2018-13321 Incorrect Permission Assignment for Critical Resource vulnerability in Buffalo Ts5600D1206 Firmware 3.610.10
Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to call dangerous internal functions via the "method" parameter.
network
low complexity
buffalo CWE-732
8.8
8.8
2018-11-20 CVE-2018-18561 Incorrect Permission Assignment for Critical Resource vulnerability in Roche products
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04.
low complexity
roche CWE-732
8.0
8.0
2018-11-15 CVE-2018-14934 Incorrect Permission Assignment for Critical Resource vulnerability in Polycom Trio 8500 Firmware 5.5.2/5.5.3
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control.
low complexity
polycom CWE-732
6.5
6.5
2018-11-14 CVE-2018-6057 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page.
network
low complexity
google redhat debian CWE-732
8.8
8.8
2018-11-14 CVE-2018-3697 Incorrect Permission Assignment for Critical Resource vulnerability in Intel Media Server Studio 2015/2016/2017
Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access.
local
low complexity
intel CWE-732
7.8
7.8