Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-20 | CVE-2021-43986 | Incorrect Default Permissions vulnerability in Fanuc Roboguide 9.40083.00.05 The setup program for the affected product configures its files and folders with full access, which may allow unauthorized users permission to replace original binaries and achieve privilege escalation. | 7.0 |
| 2022-04-19 | CVE-2022-26595 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI. | 4.3 |
| 2022-04-18 | CVE-2011-1762 | Incorrect Default Permissions vulnerability in Wordpress A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. | 6.5 |
| 2022-04-18 | CVE-2022-27652 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. | 5.3 |
| 2022-04-12 | CVE-2021-39794 | Incorrect Default Permissions vulnerability in Google Android 11.0/12.0/12.1 In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. | 7.8 |
| 2022-04-11 | CVE-2022-24804 | Incorrect Default Permissions vulnerability in Discourse Discourse is an open source platform for community discussion. | 5.3 |
| 2022-04-11 | CVE-2022-27840 | Incorrect Default Permissions vulnerability in Samsung Recovery Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission. | 4.4 |
| 2022-04-10 | CVE-2022-27958 | Incorrect Default Permissions vulnerability in Febs-Security Project Febs-Security 1.0 Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security v1.0 allows attackers to access and arbitrarily modify users' personal information. | 5.4 |
| 2022-04-10 | CVE-2022-27960 | Incorrect Default Permissions vulnerability in Ofcms Project Ofcms 1.1.4 Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users' personal information. | 5.4 |
| 2022-04-08 | CVE-2022-26855 | Incorrect Default Permissions vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. | 5.5 |