Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-29838 | Incorrect Default Permissions vulnerability in Allwaysync 19.0.3.0 Insecure Permission vulnerability found in Botkind/Siber Systems SyncApp v.19.0.3.0 allows a local attacker toe escalate privileges via the SyncService.exe file. | 7.8 |
| 2023-05-18 | CVE-2022-45452 | Incorrect Default Permissions vulnerability in Acronis Agent and Cyber Protect Local privilege escalation due to insecure folder permissions. | 7.8 |
| 2023-05-18 | CVE-2022-45459 | Incorrect Default Permissions vulnerability in Acronis Agent and Cyber Protect Sensitive information disclosure due to insecure registry permissions. | 7.5 |
| 2023-05-16 | CVE-2023-32996 | Incorrect Default Permissions vulnerability in Jenkins Saml Single Sign-On A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. | 4.3 |
| 2023-05-16 | CVE-2023-32999 | Incorrect Default Permissions vulnerability in Jenkins Appspider A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials. | 4.3 |
| 2023-05-15 | CVE-2023-21104 | Incorrect Default Permissions vulnerability in Google Android 12.1/13.0 In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. | 5.5 |
| 2023-05-15 | CVE-2023-21107 | Incorrect Default Permissions vulnerability in Google Android In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. | 7.8 |
| 2023-05-10 | CVE-2022-30338 | Incorrect Default Permissions vulnerability in Intel Virtual Raid on CPU Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2022-33963 | Incorrect Default Permissions vulnerability in Intel Unite Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2022-36391 | Incorrect Default Permissions vulnerability in Intel NUC PRO Software Suite Incorrect default permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |