Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-09 | CVE-2022-44548 | Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos There is a vulnerability in permission verification during the Bluetooth pairing process. | 4.3 |
2022-11-09 | CVE-2022-44561 | Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos The preset launcher module has a permission verification vulnerability. | 7.5 |
2022-11-08 | CVE-2022-34824 | Incorrect Default Permissions vulnerability in NEC products Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code. | 9.8 |
2022-11-03 | CVE-2022-43574 | Incorrect Default Permissions vulnerability in IBM products "IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to incorrect permission assignment which could allow access to application configurations. | 7.5 |
2022-11-01 | CVE-2020-36605 | Incorrect Default Permissions vulnerability in Hitachi products Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00; Hitachi Ops Center Viewpoint: from 10.8.0-00 before 10.9.0-00. | 4.4 |
2022-10-21 | CVE-2020-5355 | Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. | 4.3 |
2022-10-18 | CVE-2022-36438 | Incorrect Default Permissions vulnerability in Asus Asusswitch and System Control Interface AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading to local privilege escalation (this also can be used to delete files within the system arbitrarily). | 7.8 |
2022-10-14 | CVE-2022-42464 | Incorrect Default Permissions vulnerability in Openharmony OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver. | 7.8 |
2022-10-14 | CVE-2022-36803 | Incorrect Default Permissions vulnerability in Atlassian Jira Align The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. | 8.8 |
2022-10-13 | CVE-2022-40187 | Incorrect Default Permissions vulnerability in multiple products Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. | 8.0 |