Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-30 | CVE-2022-37173 | Incorrect Default Permissions vulnerability in VIM Gvim 9.0.0000 An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe. | 7.8 |
| 2022-08-29 | CVE-2022-0336 | Incorrect Default Permissions vulnerability in multiple products The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. | 8.8 |
| 2022-08-23 | CVE-2021-3917 | Incorrect Default Permissions vulnerability in Redhat Coreos-Installer A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. | 5.5 |
| 2022-08-23 | CVE-2021-3701 | Incorrect Default Permissions vulnerability in Redhat Ansible Runner 2.0.0 A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. | 6.6 |
| 2022-08-22 | CVE-2021-37289 | Incorrect Default Permissions vulnerability in Planex Mzk-Dp150N Firmware 1.42/1.43 Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. | 7.2 |
| 2022-08-18 | CVE-2021-44470 | Incorrect Default Permissions vulnerability in Intel Connect M Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-08-18 | CVE-2022-26344 | Incorrect Default Permissions vulnerability in Intel Single Event API Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2022-08-18 | CVE-2022-27500 | Incorrect Default Permissions vulnerability in Intel Support Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2022-08-16 | CVE-2021-39087 | Incorrect Default Permissions vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. | 6.5 |
| 2022-08-16 | CVE-2021-30490 | Incorrect Default Permissions vulnerability in Power-Software-Download Viewpower 1.0421012/1.0421353 upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation. | 7.8 |