Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-12 | CVE-2018-13412 | Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Desktop Central An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. | 7.8 |
| 2018-09-12 | CVE-2018-13411 | Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Desktop Central An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. | 8.8 |
| 2018-09-11 | CVE-2018-11078 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Vplex Geosynchrony 5.4/5.5/6.0 Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions vulnerability. | 7.5 |
| 2018-09-08 | CVE-2018-16715 | Incorrect Permission Assignment for Critical Resource vulnerability in Absolute Ctes Windows Agent 1.0.0.1479 An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. | 8.8 |
| 2018-09-07 | CVE-2018-16703 | Incorrect Permission Assignment for Critical Resource vulnerability in Gleeztech Gleez CMS 1.2.0 A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. | 5.3 |
| 2018-09-06 | CVE-2018-1000660 | Incorrect Permission Assignment for Critical Resource vulnerability in Tockos Tock 1.0/1.1 TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. | 7.5 |
| 2018-09-05 | CVE-2018-16145 | Incorrect Permission Assignment for Critical Resource vulnerability in Opsview The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of the appliance. | 8.1 |
| 2018-09-05 | CVE-2018-16545 | Incorrect Permission Assignment for Critical Resource vulnerability in Kzsoftware Asset Manager and Training Manager Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. | 7.8 |
| 2018-08-29 | CVE-2018-6598 | Incorrect Permission Assignment for Critical Resource vulnerability in Orbic Wonder Rc555L Firmware 7.1.2 An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices. | 7.1 |
| 2018-08-25 | CVE-2018-15869 | Incorrect Permission Assignment for Critical Resource vulnerability in Hashicorp Packer An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image (AMI) from the uncurated public community AMI catalog. | 5.3 |