Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-12 | CVE-2018-12979 | Incorrect Permission Assignment for Critical Resource vulnerability in Wago products An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. | 6.5 |
| 2018-07-09 | CVE-2018-13791 | Incorrect Permission Assignment for Critical Resource vulnerability in Abbyy Flexicapture The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter. | 9.8 |
| 2018-07-09 | CVE-2018-1000621 | Incorrect Permission Assignment for Critical Resource vulnerability in Mycroft Mycroft-Core Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorrect Access Control vulnerability in Websocket configuration that can result in code execution. | 8.1 |
| 2018-07-09 | CVE-2017-7471 | Incorrect Permission Assignment for Critical Resource vulnerability in Qemu Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. | 9.0 |
| 2018-07-06 | CVE-2018-11259 | Incorrect Permission Assignment for Critical Resource vulnerability in Qualcomm products Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. | 7.7 |
| 2018-07-06 | CVE-2018-13110 | Incorrect Permission Assignment for Critical Resource vulnerability in Adbglobal products All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks. | 7.5 |
| 2018-07-03 | CVE-2018-13122 | Incorrect Permission Assignment for Critical Resource vulnerability in Onefilecms onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI. | 6.5 |
| 2018-07-03 | CVE-2017-0913 | Incorrect Permission Assignment for Critical Resource vulnerability in Ubnt Ucrm Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. | 4.7 |
| 2018-07-03 | CVE-2018-11642 | Incorrect Permission Assignment for Critical Resource vulnerability in Dialogic Powermedia XMS 3.5 Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in Dialogic PowerMedia XMS through 3.5 allows local users to execute code as the root user. | 7.8 |
| 2018-07-03 | CVE-2018-1113 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat products setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. | 5.3 |