Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-08 | CVE-2018-17775 | Incorrect Permission Assignment for Critical Resource vulnerability in Seqrite END Point Security 7.4 Seqrite End Point Security v7.4 has "Everyone: (F)" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse. | 7.8 |
| 2018-10-08 | CVE-2018-1750 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. | 8.1 |
| 2018-10-05 | CVE-2018-11064 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell products Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. | 7.8 |
| 2018-10-05 | CVE-2018-15379 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Prime Infrastructure A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. | 9.8 |
| 2018-10-05 | CVE-2018-0422 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco products A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. | 7.3 |
| 2018-10-04 | CVE-2018-17872 | Incorrect Permission Assignment for Critical Resource vulnerability in Verint products Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions. | 8.8 |
| 2018-10-02 | CVE-2018-6261 | Incorrect Permission Assignment for Critical Resource vulnerability in Nvidia Geforce Experience NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access. | 7.0 |
| 2018-10-01 | CVE-2018-1420 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. | 6.5 |
| 2018-09-28 | CVE-2018-17776 | Incorrect Permission Assignment for Critical Resource vulnerability in Pcprotect Antivirus 4.8.35 PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse. | 7.8 |
| 2018-09-27 | CVE-2018-14650 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products It was discovered that sos-collector does not properly set the default permissions of newly created files, making all files created by the tool readable by any local user. | 5.0 |