Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2025-01-08 CVE-2023-52954 Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos
Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.
network
low complexity
huawei CWE-276
7.5
7.5
2025-01-08 CVE-2024-56440 Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
network
low complexity
huawei CWE-276
7.5
7.5
2025-01-08 CVE-2024-56447 Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos
Vulnerability of improper permission control in the window management module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
network
low complexity
huawei CWE-276
7.5
7.5
2024-12-12 CVE-2024-44224 Incorrect Default Permissions vulnerability in Apple Macos
A permissions issue was addressed with additional restrictions.
local
low complexity
apple CWE-276
7.8
7.8
2024-12-11 CVE-2024-10251 Incorrect Default Permissions vulnerability in Ivanti Security Controls
Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-12-11 CVE-2024-8496 Incorrect Default Permissions vulnerability in Ivanti Workspace Control
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-12-11 CVE-2024-9845 Incorrect Default Permissions vulnerability in Ivanti Automation
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-11-15 CVE-2017-13310 Incorrect Default Permissions vulnerability in Google Android
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass.
local
low complexity
google CWE-276
7.8
7.8
2024-11-12 CVE-2024-21937 Incorrect Default Permissions vulnerability in AMD Radeon Software and Radeon Software for HIP
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
local
low complexity
amd CWE-276
7.8
7.8
2024-11-12 CVE-2024-21938 Incorrect Default Permissions vulnerability in AMD Management Plugin for Sccm
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
local
low complexity
amd CWE-276
7.8
7.8