Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2024-12-11 CVE-2024-10251 Incorrect Default Permissions vulnerability in Ivanti Security Controls
Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-12-11 CVE-2024-11597 Incorrect Default Permissions vulnerability in Ivanti Performance Manager 2023.3/2024.1/2024.3
Under specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-12-11 CVE-2024-11598 Incorrect Default Permissions vulnerability in Ivanti Application Control 2023.3/2024.1/2024.3
Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-12-11 CVE-2024-8496 Incorrect Default Permissions vulnerability in Ivanti Workspace Control
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-12-11 CVE-2024-9845 Incorrect Default Permissions vulnerability in Ivanti Automation
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation.
local
low complexity
ivanti CWE-276
7.8
7.8
2024-11-15 CVE-2017-13310 Incorrect Default Permissions vulnerability in Google Android
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass.
local
low complexity
google CWE-276
7.8
7.8
2024-11-12 CVE-2024-21937 Incorrect Default Permissions vulnerability in AMD Radeon Software and Radeon Software for HIP
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
local
low complexity
amd CWE-276
7.8
7.8
2024-11-12 CVE-2024-21938 Incorrect Default Permissions vulnerability in AMD Management Plugin for Sccm
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center Configuration Manager (SCCM) installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
local
low complexity
amd CWE-276
7.8
7.8
2024-11-12 CVE-2024-21939 Incorrect Default Permissions vulnerability in AMD Cloud Manageability Service
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
local
low complexity
amd CWE-276
7.3
7.3
2024-11-12 CVE-2024-21945 Incorrect Default Permissions vulnerability in AMD Ryzen Master Monitoring Software Development KIT
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.
local
low complexity
amd CWE-276
7.3
7.3