Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2023-4088 Incorrect Default Permissions vulnerability in Mitsubishielectric GX Works3
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder.
local
low complexity
mitsubishielectric CWE-276
7.8
7.8
2023-09-15 CVE-2022-3466 Incorrect Default Permissions vulnerability in multiple products
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600.
local
low complexity
kubernetes redhat CWE-276
5.3
5.3
2023-09-12 CVE-2023-37878 Incorrect Default Permissions vulnerability in Wftpserver Wing FTP Server
Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0.
network
low complexity
wftpserver CWE-276
8.8
8.8
2023-09-11 CVE-2023-31067 Incorrect Default Permissions vulnerability in Tsplus Remote Access 16.0.0.0/16.0.2.14
An issue was discovered in TSplus Remote Access through 16.0.2.14.
network
low complexity
tsplus CWE-276
critical
 9.8
9.8
2023-09-11 CVE-2023-31068 Incorrect Default Permissions vulnerability in Tsplus Remote Access 16.0.0.0
An issue was discovered in TSplus Remote Access through 16.0.2.14.
network
low complexity
tsplus CWE-276
critical
 9.8
9.8
2023-09-11 CVE-2023-31468 Incorrect Default Permissions vulnerability in Inosoft Visiwin 7 20222.1
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5).
local
low complexity
inosoft CWE-276
7.8
7.8
2023-09-06 CVE-2023-34352 Incorrect Default Permissions vulnerability in Apple products
A permissions issue was addressed with improved redaction of sensitive information.
network
low complexity
apple CWE-276
5.3
5.3
2023-08-16 CVE-2023-2737 Incorrect Default Permissions vulnerability in Thalesgroup Safenet Authentication Service 3.4.0
Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation.
local
low complexity
thalesgroup CWE-276
5.5
5.5
2023-08-11 CVE-2023-27392 Incorrect Default Permissions vulnerability in Intel Support 21.7.40/22.02.28
Incorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-276
4.4
4.4
2023-08-11 CVE-2023-27505 Incorrect Default Permissions vulnerability in Intel Advanced Link Analyzer
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8