Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2022-10-12 CVE-2022-33922 Incorrect Default Permissions vulnerability in Dell Geodrive
Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities.
local
low complexity
dell CWE-276
7.8
2022-10-11 CVE-2022-20435 Incorrect Default Permissions vulnerability in Google Android
There is a Unauthorized service in the system service, may cause the system reboot.
local
low complexity
google CWE-276
7.8
2022-10-11 CVE-2022-20436 Incorrect Default Permissions vulnerability in Google Android
There is an unauthorized service in the system service.
local
low complexity
google CWE-276
7.8
2022-10-10 CVE-2022-41748 Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker with administrative credentials to bypass certain elements of the product's anti-tampering mechanisms on affected installations.
local
low complexity
trendmicro CWE-276
6.7
2022-10-07 CVE-2022-41414 Incorrect Default Permissions vulnerability in Liferay Portal
An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages.
network
low complexity
liferay CWE-276
5.3
2022-10-06 CVE-2022-26235 Incorrect Default Permissions vulnerability in Beckmancoulter Remisol Advance 2.0.12.1
A vulnerability was discovered in the Remisol Advance v2.0.12.1 and below for the Normand Message Server.
local
low complexity
beckmancoulter CWE-276
7.8
2022-09-23 CVE-2022-3263 Incorrect Default Permissions vulnerability in Measuresoft Scadapro Server 6.7
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges.
local
low complexity
measuresoft CWE-276
7.8
2022-09-20 CVE-2021-46834 Incorrect Default Permissions vulnerability in Huawei Jad-Al50 Firmware 102.0.0.225(C00E220R3P4)
A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices.
local
low complexity
huawei CWE-276
5.5
2022-09-19 CVE-2022-38764 Incorrect Default Permissions vulnerability in Trendmicro Housecall 1.62.1.1133
A vulnerability on Trend Micro HouseCall version 1.62.1.1133 and below could allow a local attacker to escalate privlieges due to an overly permissive folder om the product installer.
local
low complexity
trendmicro CWE-276
7.8
2022-09-13 CVE-2022-38466 Incorrect Default Permissions vulnerability in Siemens Coreshield One-Way Gateway
A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2).
local
low complexity
siemens CWE-276
7.8