Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-01 | CVE-2022-45099 | Incorrect Default Permissions vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. | 7.8 |
| 2023-01-26 | CVE-2022-3432 | Incorrect Default Permissions vulnerability in Lenovo Ideapad Y700-14Isk Firmware A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. | 6.7 |
| 2023-01-23 | CVE-2022-3430 | Incorrect Default Permissions vulnerability in Lenovo products A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. | 6.7 |
| 2023-01-20 | CVE-2022-1109 | Incorrect Default Permissions vulnerability in Lenovo Leyun An incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service. | 7.5 |
| 2023-01-20 | CVE-2023-20043 | Incorrect Default Permissions vulnerability in Cisco CX Cloud Agent A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. | 6.7 |
| 2023-01-17 | CVE-2020-36611 | Incorrect Default Permissions vulnerability in Hitachi Tuning Manager Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. | 7.1 |
| 2022-12-22 | CVE-2022-29909 | Incorrect Default Permissions vulnerability in Mozilla Thunderbird Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. | 8.8 |
| 2022-12-20 | CVE-2022-47551 | Incorrect Default Permissions vulnerability in Apiman Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. | 6.5 |
| 2022-12-13 | CVE-2022-20611 | Incorrect Default Permissions vulnerability in Google Android In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. | 7.8 |
| 2022-12-12 | CVE-2022-42446 | Incorrect Default Permissions vulnerability in Hcltech Sametime 12.0 Starting with Sametime 12, anonymous users are enabled by default. | 6.5 |