Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-03 | CVE-2022-43574 | Incorrect Default Permissions vulnerability in IBM products "IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to incorrect permission assignment which could allow access to application configurations. | 7.5 |
| 2022-11-01 | CVE-2020-36605 | Incorrect Default Permissions vulnerability in Hitachi products Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00; Hitachi Ops Center Viewpoint: from 10.8.0-00 before 10.9.0-00. | 4.4 |
| 2022-10-21 | CVE-2020-5355 | Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. | 4.3 |
| 2022-10-18 | CVE-2022-36438 | Incorrect Default Permissions vulnerability in Asus Asusswitch and System Control Interface AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading to local privilege escalation (this also can be used to delete files within the system arbitrarily). | 7.8 |
| 2022-10-14 | CVE-2022-42464 | Incorrect Default Permissions vulnerability in Openharmony OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver. | 7.8 |
| 2022-10-14 | CVE-2022-36803 | Incorrect Default Permissions vulnerability in Atlassian Jira Align The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. | 8.8 |
| 2022-10-13 | CVE-2022-40187 | Incorrect Default Permissions vulnerability in multiple products Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. | 8.0 |
| 2022-10-12 | CVE-2022-33922 | Incorrect Default Permissions vulnerability in Dell Geodrive Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities. | 7.8 |
| 2022-10-11 | CVE-2022-20435 | Incorrect Default Permissions vulnerability in Google Android There is a Unauthorized service in the system service, may cause the system reboot. | 7.8 |
| 2022-10-11 | CVE-2022-20436 | Incorrect Default Permissions vulnerability in Google Android There is an unauthorized service in the system service. | 7.8 |