Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2022-08-18 CVE-2021-44470 Incorrect Default Permissions vulnerability in Intel Connect M
Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-276
5.5
2022-08-18 CVE-2022-26344 Incorrect Default Permissions vulnerability in Intel Single Event API
Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
2022-08-18 CVE-2022-27500 Incorrect Default Permissions vulnerability in Intel Support
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-276
5.5
2022-08-16 CVE-2021-39087 Incorrect Default Permissions vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls.
network
low complexity
ibm CWE-276
6.5
2022-08-16 CVE-2021-30490 Incorrect Default Permissions vulnerability in Power-Software-Download Viewpower 1.0421012/1.0421353
upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation.
local
low complexity
power-software-download CWE-276
7.8
2022-08-12 CVE-2022-20272 Incorrect Default Permissions vulnerability in Google Android 13.0
In PermissionController, there is a possible misunderstanding about the default SMS application's permission set due to misleading text.
local
low complexity
google CWE-276
5.5
2022-08-11 CVE-2022-20246 Incorrect Default Permissions vulnerability in Google Android 13.0.0
In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check.
local
low complexity
google CWE-276
7.8
2022-08-10 CVE-2022-37003 Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI
The AOD module has a vulnerability in permission assignment.
network
low complexity
huawei CWE-276
critical
9.8
2022-08-10 CVE-2022-37006 Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos
Permission control vulnerability in the network module.
network
low complexity
huawei CWE-276
7.5
2022-08-04 CVE-2022-37030 Incorrect Default Permissions vulnerability in Grommunio Gromox
Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module.
local
low complexity
grommunio CWE-276
7.8