Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-07 | CVE-2023-1229 | Incorrect Default Permissions vulnerability in Google Chrome Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 4.3 |
| 2023-02-28 | CVE-2023-25540 | Incorrect Default Permissions vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. | 7.1 |
| 2023-02-28 | CVE-2020-36652 | Incorrect Default Permissions vulnerability in Hitachi products Incorrect Default Permissions vulnerability in Hitachi Automation Director on Linux, Hitachi Infrastructure Analytics Advisor on Linux (Hitachi Infrastructure Analytics Advisor, Analytics probe server components), Hitachi Ops Center Automator on Linux, Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer, Analyzer probe server components), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Automation Director: from 8.2.0-00 through 10.6.1-00; Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.0.0-00; Hitachi Ops Center Automator: before 10.9.1-00; Hitachi Ops Center Analyzer: before 10.9.1-00; Hitachi Ops Center Viewpoint: before 10.9.1-00. | 7.1 |
| 2023-02-28 | CVE-2022-3884 | Incorrect Default Permissions vulnerability in Hitachi OPS Center Analyzer 10.9.000 Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows (Hitachi Ops Center Analyzer RAID Agent component) allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01. | 7.1 |
| 2023-02-17 | CVE-2021-34164 | Incorrect Default Permissions vulnerability in Lizhifaka Project Lizhifaka 2.2.0 Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location. | 8.8 |
| 2023-02-17 | CVE-2021-34182 | Incorrect Default Permissions vulnerability in Ttyd Project Ttyd 1.6.3 An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions. | 9.8 |
| 2023-02-17 | CVE-2022-40232 | Incorrect Default Permissions vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. | 8.8 |
| 2023-02-16 | CVE-2022-33196 | Incorrect Default Permissions vulnerability in Intel products Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2023-02-16 | CVE-2022-36397 | Incorrect Default Permissions vulnerability in Intel Quickassist Technology 1.7.L.4.10.0/4.2 Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-02-15 | CVE-2023-23848 | Incorrect Default Permissions vulnerability in Jenkins Synopsys Coverity Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 4.3 |