Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-0997 | Incorrect Default Permissions vulnerability in Fidelissecurity Deception and Network Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. | 7.8 |
| 2022-05-17 | CVE-2022-24890 | Incorrect Default Permissions vulnerability in Nextcloud Talk Nextcloud Talk is a video and audio conferencing app for Nextcloud. | 4.3 |
| 2022-05-13 | CVE-2022-30367 | Incorrect Default Permissions vulnerability in AIR Cargo Management System Project AIR Cargo Management System 1.0 Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f=delete_img. | 6.5 |
| 2022-05-13 | CVE-2022-30375 | Incorrect Default Permissions vulnerability in Simple Social Networking Site Project Simple Social Networking Site 1.0 Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img. | 6.5 |
| 2022-05-06 | CVE-2022-23802 | Incorrect Default Permissions vulnerability in Ijoomla Guru 5.2.5 Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. | 7.5 |
| 2022-04-28 | CVE-2022-29585 | Incorrect Default Permissions vulnerability in Mahara In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is vulnerable if more than ten groups are used. | 7.5 |
| 2022-04-26 | CVE-2022-28218 | Incorrect Default Permissions vulnerability in Ciphermail Webmail Messenger An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. | 5.5 |
| 2022-04-22 | CVE-2021-3722 | Incorrect Default Permissions vulnerability in Lenovo Pcmanager A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow configuration files to be written to non-standard locations during installation. | 5.0 |
| 2022-04-21 | CVE-2022-20732 | Incorrect Default Permissions vulnerability in Cisco Virtualized Infrastructure Manager 3.6.0/4.0.0 A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. | 7.8 |
| 2022-04-21 | CVE-2022-29547 | Incorrect Default Permissions vulnerability in Mediawiki Createredirect The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the user has permissions to edit the target page. | 7.5 |