Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-23 | CVE-2023-23344 | Incorrect Default Permissions vulnerability in Hcltech Bigfix Webui Insights 14 A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. | 6.5 |
| 2023-06-16 | CVE-2023-25645 | Incorrect Default Permissions vulnerability in ZTE products There is a permission and access control vulnerability in some ZTE AndroidTV STBs. | 7.7 |
| 2023-06-13 | CVE-2022-33877 | Incorrect Default Permissions vulnerability in Fortinet Forticlient and Forticonverter An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter (Windows) versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the installation folder, if FortiClient or FortiConverter is installed in an insecure folder. | 5.5 |
| 2023-06-07 | CVE-2023-31116 | Incorrect Default Permissions vulnerability in Samsung Exynos 5123 Firmware and Exynos 5300 Firmware An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. | 9.8 |
| 2023-06-07 | CVE-2023-33282 | Incorrect Default Permissions vulnerability in Marvalglobal MSM 15.0 Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. | 9.8 |
| 2023-05-31 | CVE-2023-33966 | Incorrect Default Permissions vulnerability in Deno and Deno Runtime Deno is a runtime for JavaScript and TypeScript. | 9.8 |
| 2023-05-31 | CVE-2023-2749 | Incorrect Default Permissions vulnerability in Asustor Download Center Download Center fails to properly validate the file path submitted by a user, An attacker can exploit this vulnerability to gain unauthorized access to sensitive files or directories without appropriate permission restrictions. | 7.5 |
| 2023-05-30 | CVE-2023-29731 | Incorrect Default Permissions vulnerability in Loka Solive 1.6.14/1.6.16/1.6.20 SoLive 1.6.14 thru 1.6.20 for Android has an exposed component that provides a method to modify the SharedPreference file. | 7.5 |
| 2023-05-30 | CVE-2023-29732 | Incorrect Default Permissions vulnerability in Loka Solive 1.6.14/1.6.16/1.6.20 SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method to modify the SharedPreference file. | 9.8 |
| 2023-05-30 | CVE-2022-45853 | Incorrect Default Permissions vulnerability in Zyxel products The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70(AAHH.3) and the GS1900-8HP firmware version V2.70(AAHI.3) could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH. | 6.7 |