Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-08 | CVE-2022-45118 | Incorrect Default Permissions vulnerability in Openharmony OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. | 5.5 |
2022-12-06 | CVE-2022-46382 | Incorrect Default Permissions vulnerability in Rackn Digital Rebar RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure Permissions. | 8.8 |
2022-12-02 | CVE-2022-45562 | Incorrect Default Permissions vulnerability in Telosalliance Omnia MPX Node Firmware Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high privilege to access. | 8.8 |
2022-12-01 | CVE-2022-42718 | Incorrect Default Permissions vulnerability in NI Labview Command Line Interface Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2022-11-28 | CVE-2022-4020 | Incorrect Default Permissions vulnerability in Acer products Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable. | 8.2 |
2022-11-15 | CVE-2022-42130 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 19, 7.3 before update 4, and 7.4 GA does not properly check permission of form entries, which allows remote authenticated users to view and access all form entries. | 4.3 |
2022-11-15 | CVE-2022-42127 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal The Friendly Url module in Liferay Portal 7.4.3.5 through 7.4.3.36, and Liferay DXP 7.4 update 1 though 36 does not properly check user permissions, which allows remote attackers to obtain the history of all friendly URLs that was assigned to a page. | 5.3 |
2022-11-15 | CVE-2022-42128 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal The Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which allows remote attackers to obtain a WikiNode object via the WikiNodeResource.getSiteWikiNodeByExternalReferenceCode API. | 5.3 |
2022-11-11 | CVE-2022-36367 | Incorrect Default Permissions vulnerability in Intel Support 21.7.40 Incorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
2022-11-11 | CVE-2022-36377 | Incorrect Default Permissions vulnerability in Intel NUC KIT Wireless Adapter Driver Installer Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |