Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-24 | CVE-2021-41637 | Incorrect Default Permissions vulnerability in Melag FTP Server 2.2.0.4 Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read the local FTP configuration file, which includes among other information the unencrypted passwords of all FTP users. | 3.6 |
| 2022-06-21 | CVE-2022-1833 | Incorrect Default Permissions vulnerability in Redhat AMQ Broker 7.9.4 A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. | 6.5 |
| 2022-06-17 | CVE-2022-33912 | Incorrect Default Permissions vulnerability in multiple products A permission issue affects users that deployed the shipped version of the Checkmk Debian package. | 7.8 |
| 2022-06-15 | CVE-2022-31071 | Incorrect Default Permissions vulnerability in Octopoller Project Octopoller 0.2.0 Octopoller is a micro gem for polling and retrying. | 2.1 |
| 2022-06-15 | CVE-2022-31072 | Incorrect Default Permissions vulnerability in Octokit Project Octokit 4.23.0/4.24.0 Octokit is a Ruby toolkit for the GitHub API. | 2.1 |
| 2022-06-13 | CVE-2022-32562 | Incorrect Default Permissions vulnerability in Couchbase Server An issue was discovered in Couchbase Server before 7.0.4. | 6.5 |
| 2022-06-13 | CVE-2021-46811 | Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI HwSEServiceAPP has a vulnerability in permission management. | 5.0 |
| 2022-06-09 | CVE-2022-25804 | Incorrect Default Permissions vulnerability in Igel Universal Management Suite 6.07.100 An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. | 2.1 |
| 2022-06-07 | CVE-2022-30747 | Incorrect Default Permissions vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12 PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent. | 2.1 |
| 2022-06-02 | CVE-2022-28702 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 5.5 |