Vulnerabilities > Incorrect Default Permissions

| Date | CVE | Vulnerability title | Description | Vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2022-08-16 | CVE-2021-39087 | Incorrect Default Permissions vulnerability in IBM Sterling B2B Integrator | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. | network | low | ibm | CWE-276 | 6.5 |
| 2022-08-16 | CVE-2021-30490 | Incorrect Default Permissions vulnerability in Power-Software-Download Viewpower 1.0421012/1.0421353 | upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation. | local | low | power-software-download | CWE-276 | 7.8 |
| 2022-08-12 | CVE-2022-20272 | Incorrect Default Permissions vulnerability in Google Android 13.0 | In PermissionController, there is a possible misunderstanding about the default SMS application's permission set due to misleading text. | local | low | google | CWE-276 | 5.5 |
| 2022-08-11 | CVE-2022-20246 | Incorrect Default Permissions vulnerability in Google Android 13.0.0 | In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. | local | low | google | CWE-276 | 7.8 |
| 2022-08-10 | CVE-2022-37003 | Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI | The AOD module has a vulnerability in permission assignment. | network | low | huawei | CWE-276 | 9.8 (critical) |
| 2022-08-10 | CVE-2022-37006 | Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos | Permission control vulnerability in the network module. | network | low | huawei | CWE-276 | 7.5 |
| 2022-08-04 | CVE-2022-37030 | Incorrect Default Permissions vulnerability in Grommunio Gromox | Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module. | local | low | grommunio | CWE-276 | 7.8 |
| 2022-07-20 | CVE-2022-22424 | Incorrect Default Permissions vulnerability in IBM Qradar Security Information and Event Manager | IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. | local | low | ibm | CWE-276 | 5.5 |
| 2022-07-12 | CVE-2022-2366 | Incorrect Default Permissions vulnerability in Mattermost Server | Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier allows attacker to bypass some of the rate limitations in place or use manipulated IPs for audit logging via manipulating the request headers. | network | low | mattermost | CWE-276 | 5.3 |
| 2022-07-12 | CVE-2022-30753 | Incorrect Default Permissions vulnerability in Google Android 10.0/11.0/12.0 | Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission. | local | low | google | CWE-276 | 3.3 |