Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-17 | CVE-2020-36611 | Incorrect Default Permissions vulnerability in Hitachi Tuning Manager Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. | 7.1 |
| 2022-12-22 | CVE-2022-29909 | Incorrect Default Permissions vulnerability in Mozilla Thunderbird Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. | 8.8 |
| 2022-12-20 | CVE-2022-47551 | Incorrect Default Permissions vulnerability in Apiman Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. | 6.5 |
| 2022-12-13 | CVE-2022-20611 | Incorrect Default Permissions vulnerability in Google Android In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. | 7.8 |
| 2022-12-12 | CVE-2022-42446 | Incorrect Default Permissions vulnerability in Hcltech Sametime 12.0 Starting with Sametime 12, anonymous users are enabled by default. | 6.5 |
| 2022-12-08 | CVE-2022-45118 | Incorrect Default Permissions vulnerability in Openharmony OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. | 5.5 |
| 2022-12-06 | CVE-2022-46382 | Incorrect Default Permissions vulnerability in Rackn Digital Rebar RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure Permissions. | 8.8 |
| 2022-12-02 | CVE-2022-45562 | Incorrect Default Permissions vulnerability in Telosalliance Omnia MPX Node Firmware Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware settings and execute arbitrary commands in vulnerable system functions that is requires high privilege to access. | 8.8 |
| 2022-12-01 | CVE-2022-42718 | Incorrect Default Permissions vulnerability in NI Labview Command Line Interface Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-11-28 | CVE-2022-4020 | Incorrect Default Permissions vulnerability in Acer products Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM variable. | 8.2 |