Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-13 | CVE-2018-1000209 | Incorrect Permission Assignment for Critical Resource vulnerability in Sensu Core Sensu, Inc. | 8.8 |
| 2018-07-13 | CVE-2018-1000207 | Incorrect Permission Assignment for Critical Resource vulnerability in Modx Revolution MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. | 7.2 |
| 2018-07-13 | CVE-2018-14043 | Incorrect Permission Assignment for Critical Resource vulnerability in Monetra Mstdlib 1.2.0 mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file access control in situations where M_fs_perms_can_access attempts to delete an existing file (that lacks public read/write access) during a copy operation, related to fs/m_fs.c and fs/m_fs_path.c. | 9.8 |
| 2018-07-12 | CVE-2018-12979 | Incorrect Permission Assignment for Critical Resource vulnerability in Wago products An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. | 6.5 |
| 2018-07-09 | CVE-2018-13791 | Incorrect Permission Assignment for Critical Resource vulnerability in Abbyy Flexicapture The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter. | 9.8 |
| 2018-07-09 | CVE-2018-1000621 | Incorrect Permission Assignment for Critical Resource vulnerability in Mycroft Mycroft-Core Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorrect Access Control vulnerability in Websocket configuration that can result in code execution. | 8.1 |
| 2018-07-09 | CVE-2017-7471 | Incorrect Permission Assignment for Critical Resource vulnerability in Qemu Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. | 9.0 |
| 2018-07-06 | CVE-2018-11259 | Incorrect Permission Assignment for Critical Resource vulnerability in Qualcomm products Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. | 7.7 |
| 2018-07-06 | CVE-2018-13110 | Incorrect Permission Assignment for Critical Resource vulnerability in Adbglobal products All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks. | 7.5 |
| 2018-07-03 | CVE-2018-13122 | Incorrect Permission Assignment for Critical Resource vulnerability in Onefilecms onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI. | 6.5 |