Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-30758 | Incorrect Default Permissions vulnerability in Google Android 10.0/11.0/12.0 Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder. | 5.5 |
| 2022-07-12 | CVE-2022-34737 | Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI The application security module has a vulnerability in permission assignment. | 9.1 |
| 2022-07-07 | CVE-2022-32207 | Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | 9.8 |
| 2022-07-07 | CVE-2022-33996 | Incorrect Default Permissions vulnerability in Devolutions Server Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user. | 8.8 |
| 2022-07-01 | CVE-2022-2270 | Incorrect Default Permissions vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. | 5.3 |
| 2022-06-29 | CVE-2022-33023 | Incorrect Default Permissions vulnerability in Openhwgroup Cva6 CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the format of instructions is wrong. | 7.5 |
| 2022-06-24 | CVE-2021-41635 | Incorrect Default Permissions vulnerability in Melag FTP Server 2.2.0.4 When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants remote attackers to abuse misconfigurations or vulnerabilities with administrative access over the entire host system. | 8.8 |
| 2022-06-24 | CVE-2021-41637 | Incorrect Default Permissions vulnerability in Melag FTP Server 2.2.0.4 Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read the local FTP configuration file, which includes among other information the unencrypted passwords of all FTP users. | 7.1 |
| 2022-06-21 | CVE-2022-1833 | Incorrect Default Permissions vulnerability in Redhat AMQ Broker 7.9.4 A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low-privilege user that has access to the namespace where the AMQ Operator is deployed has access to clusterwide edit rights by checking the secrets. | 8.8 |
| 2022-06-17 | CVE-2022-33912 | Incorrect Default Permissions vulnerability in multiple products A permission issue affects users that deployed the shipped version of the Checkmk Debian package. | 7.8 |