Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-28 | CVE-2022-4020 | Incorrect Default Permissions vulnerability in Acer products Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable. | 8.2 |
| 2022-11-22 | CVE-2022-41943 | Incorrect Default Permissions vulnerability in Sourcegraph sourcegraph is a code intelligence platform. | 7.2 |
| 2022-11-15 | CVE-2022-42130 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 19, 7.3 before update 4, and 7.4 GA does not properly check permission of form entries, which allows remote authenticated users to view and access all form entries. | 4.3 |
| 2022-11-15 | CVE-2022-42127 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal The Friendly Url module in Liferay Portal 7.4.3.5 through 7.4.3.36, and Liferay DXP 7.4 update 1 though 36 does not properly check user permissions, which allows remote attackers to obtain the history of all friendly URLs that was assigned to a page. | 5.3 |
| 2022-11-15 | CVE-2022-42128 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal The Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which allows remote attackers to obtain a WikiNode object via the WikiNodeResource.getSiteWikiNodeByExternalReferenceCode API. | 5.3 |
| 2022-11-11 | CVE-2022-36367 | Incorrect Default Permissions vulnerability in Intel Support 21.7.40 Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2022-11-11 | CVE-2022-36377 | Incorrect Default Permissions vulnerability in Intel NUC KIT Wireless Adapter Driver Installer Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-11-09 | CVE-2022-44548 | Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos There is a vulnerability in permission verification during the Bluetooth pairing process. | 4.3 |
| 2022-11-09 | CVE-2022-44561 | Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos The preset launcher module has a permission verification vulnerability. | 7.5 |
| 2022-11-08 | CVE-2022-34824 | Incorrect Default Permissions vulnerability in NEC products Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code. | 9.8 |