Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-02 | CVE-2022-36640 | Incorrect Default Permissions vulnerability in Influxdata Influxdb influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. | 9.8 |
| 2022-09-01 | CVE-2022-32743 | Incorrect Default Permissions vulnerability in multiple products Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. | 7.5 |
| 2022-08-30 | CVE-2022-37173 | Incorrect Default Permissions vulnerability in VIM Gvim 9.0.0000 An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe. | 7.8 |
| 2022-08-29 | CVE-2022-0336 | Incorrect Default Permissions vulnerability in multiple products The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. | 8.8 |
| 2022-08-23 | CVE-2021-3917 | Incorrect Default Permissions vulnerability in Redhat Coreos-Installer A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. | 5.5 |
| 2022-08-23 | CVE-2021-3701 | Incorrect Default Permissions vulnerability in Redhat Ansible Runner 2.0.0 A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. | 6.6 |
| 2022-08-22 | CVE-2021-37289 | Incorrect Default Permissions vulnerability in Planex Mzk-Dp150N Firmware 1.42/1.43 Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. | 7.2 |
| 2022-08-18 | CVE-2021-44470 | Incorrect Default Permissions vulnerability in Intel Connect M Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-08-18 | CVE-2022-26344 | Incorrect Default Permissions vulnerability in Intel Single Event API Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-08-18 | CVE-2022-27500 | Incorrect Default Permissions vulnerability in Intel Support Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |