Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-12 | CVE-2018-12259 | Incorrect Permission Assignment for Critical Resource vulnerability in Apollotechnologiesinc Momentum Axel 720P Firmware 5.1.8 An issue was discovered on Momentum Axel 720P 5.1.8 devices. | 6.8 |
| 2018-06-11 | CVE-2017-7821 | Incorrect Permission Assignment for Critical Resource vulnerability in Mozilla Firefox A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. | 9.8 |
| 2018-06-11 | CVE-2017-5456 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. | 9.8 |
| 2018-06-11 | CVE-2017-5426 | Incorrect Permission Assignment for Critical Resource vulnerability in Mozilla Firefox On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. | 5.3 |
| 2018-06-08 | CVE-2018-4251 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |
| 2018-06-08 | CVE-2018-4238 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 2.4 |
| 2018-06-08 | CVE-2018-4220 | Incorrect Permission Assignment for Critical Resource vulnerability in Apple Swift An issue was discovered in certain Apple products. | 8.8 |
| 2018-06-07 | CVE-2018-0352 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Wide Area Application Services 6.2(3) A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. | 6.7 |
| 2018-06-04 | CVE-2017-18285 | Incorrect Permission Assignment for Critical Resource vulnerability in Burp Project Burp The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging access to a certain account for a burp-server.conf change. | 7.1 |
| 2018-06-04 | CVE-2017-18284 | Incorrect Permission Assignment for Critical Resource vulnerability in Burp Project Burp The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL. | 7.1 |