Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2021-02-22 CVE-2020-22475 Incorrect Default Permissions vulnerability in Tasks
"Tasks" application version before 9.7.3 is affected by insecure permissions.
local
low complexity
tasks CWE-276
4.6
2021-02-18 CVE-2020-36233 Incorrect Default Permissions vulnerability in Atlassian Bitbucket
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
local
low complexity
atlassian CWE-276
4.6
2021-02-17 CVE-2020-8765 Incorrect Default Permissions vulnerability in Intel Realsense Depth Camera Manager
Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
4.6
2021-02-17 CVE-2020-8701 Incorrect Default Permissions vulnerability in Intel Solid-State Drive Toolbox 3.3.6
Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
4.6
2021-02-17 CVE-2020-0524 Incorrect Default Permissions vulnerability in Intel Ethernet Controller I210 Firmware
Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel CWE-276
2.1
2021-02-17 CVE-2021-20653 Incorrect Default Permissions vulnerability in NEC products
Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors.
network
low complexity
nec CWE-276
5.0
2021-02-09 CVE-2020-28392 Incorrect Default Permissions vulnerability in Siemens Simaris Configuration
A vulnerability has been identified in SIMARIS configuration (All versions).
local
low complexity
siemens CWE-276
4.6
2021-02-09 CVE-2020-16144 Incorrect Default Permissions vulnerability in Owncloud Files Antivirus
When using an object storage like S3 as the file store, when a user creates a public link to a folder where anonymous users can upload files, and another user uploads a virus the files antivirus app would detect the virus but fails to delete it due to permission issues.
network
owncloud CWE-276
3.5
2021-02-09 CVE-2020-25245 Incorrect Default Permissions vulnerability in Siemens Digsi 4 4.94
A vulnerability has been identified in DIGSI 4 (All versions < V4.94 SP1 HF 1).
local
low complexity
siemens CWE-276
7.2
2021-02-09 CVE-2021-3394 Incorrect Default Permissions vulnerability in Millewin 13.39.028/13.39.146.1/13.39.28.3342
Millennium Millewin (also known as "Cartella clinica") 13.39.028, 13.39.28.3342, and 13.39.146.1 has insecure folder permissions allowing a malicious user for a local privilege escalation.
network
low complexity
millewin CWE-276
6.5