Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-11 | CVE-2022-20436 | Incorrect Default Permissions vulnerability in Google Android There is an unauthorized service in the system service. | 7.8 |
2022-10-10 | CVE-2022-41748 | Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019 A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker with administrative credentials to bypass certain elements of the product's anti-tampering mechanisms on affected installations. | 6.7 |
2022-10-07 | CVE-2022-41414 | Incorrect Default Permissions vulnerability in Liferay Portal An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages. | 5.3 |
2022-10-06 | CVE-2022-26235 | Incorrect Default Permissions vulnerability in Beckmancoulter Remisol Advance A vulnerability was discovered in the Remisol Advance v2.0.12.1 and below for the Normand Message Server. | 7.8 |
2022-09-07 | CVE-2022-31251 | Incorrect Default Permissions vulnerability in Opensuse Factory A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. | 6.3 |
2022-09-06 | CVE-2022-2735 | Incorrect Default Permissions vulnerability in multiple products A vulnerability was found in the PCS project. | 7.8 |
2022-09-02 | CVE-2022-36640 | Incorrect Default Permissions vulnerability in Influxdata Influxdb influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. | 9.8 |
2022-09-01 | CVE-2022-32743 | Incorrect Default Permissions vulnerability in multiple products Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. | 7.5 |
2022-08-29 | CVE-2022-0336 | Incorrect Default Permissions vulnerability in multiple products The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. | 8.8 |
2022-08-23 | CVE-2021-3701 | Incorrect Default Permissions vulnerability in Redhat Ansible Runner 2.0.0 A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. | 6.6 |