Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-26 | CVE-2022-28218 | Incorrect Default Permissions vulnerability in Ciphermail Webmail Messenger An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. | 5.5 |
2022-04-22 | CVE-2021-3722 | Incorrect Default Permissions vulnerability in Lenovo Pcmanager A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow configuration files to be written to non-standard locations during installation. | 5.0 |
2022-04-21 | CVE-2022-20732 | Incorrect Default Permissions vulnerability in Cisco Virtualized Infrastructure Manager 3.6.0/4.0.0 A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. | 7.8 |
2022-04-21 | CVE-2022-29547 | Incorrect Default Permissions vulnerability in Mediawiki Createredirect The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the user has permissions to edit the target page. | 7.5 |
2022-04-20 | CVE-2021-43986 | Incorrect Default Permissions vulnerability in Fanuc Roboguide 9.40083.00.05 The setup program for the affected product configures its files and folders with full access, which may allow unauthorized users permission to replace original binaries and achieve privilege escalation. | 7.0 |
2022-04-19 | CVE-2022-26595 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI. | 4.3 |
2022-04-18 | CVE-2011-1762 | Incorrect Default Permissions vulnerability in Wordpress A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. | 6.5 |
2022-04-18 | CVE-2022-27652 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. | 5.3 |
2022-04-12 | CVE-2021-39794 | Incorrect Default Permissions vulnerability in Google Android 11.0/12.0/12.1 In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. | 7.8 |
2022-04-11 | CVE-2022-24804 | Incorrect Default Permissions vulnerability in Discourse Discourse is an open source platform for community discussion. | 5.3 |