Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-21 | CVE-2020-5355 | Incorrect Default Permissions vulnerability in Dell EMC Isilon Onefs The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. | 4.3 |
| 2022-10-18 | CVE-2022-36438 | Incorrect Default Permissions vulnerability in Asus Asusswitch and System Control Interface AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading to local privilege escalation (this also can be used to delete files within the system arbitrarily). | 7.8 |
| 2022-10-14 | CVE-2022-42464 | Incorrect Default Permissions vulnerability in Openharmony OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver. | 7.8 |
| 2022-10-14 | CVE-2022-36803 | Incorrect Default Permissions vulnerability in Atlassian Jira Align The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An authenticated attacker with the People role permission to use the MasterUserEdit API to modify any users role to Super Admin. | 8.8 |
| 2022-10-13 | CVE-2022-40187 | Incorrect Default Permissions vulnerability in multiple products Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. | 8.0 |
| 2022-10-12 | CVE-2022-33922 | Incorrect Default Permissions vulnerability in Dell Geodrive Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities. | 7.8 |
| 2022-10-11 | CVE-2022-20435 | Incorrect Default Permissions vulnerability in Google Android There is a Unauthorized service in the system service, may cause the system reboot. | 7.8 |
| 2022-10-11 | CVE-2022-20436 | Incorrect Default Permissions vulnerability in Google Android There is an unauthorized service in the system service. | 7.8 |
| 2022-10-10 | CVE-2022-41748 | Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019 A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker with administrative credentials to bypass certain elements of the product's anti-tampering mechanisms on affected installations. | 6.7 |
| 2022-10-07 | CVE-2022-41414 | Incorrect Default Permissions vulnerability in Liferay Portal An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through v7.4.2 allows attackers to enumerate usernames, site names, and pages. | 5.3 |