Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-09 | CVE-2022-25804 | Incorrect Default Permissions vulnerability in Igel Universal Management Suite 6.07.100 An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. | 5.5 |
| 2022-06-07 | CVE-2022-30747 | Incorrect Default Permissions vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12 PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent. | 5.5 |
| 2022-06-02 | CVE-2022-28702 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 5.5 |
| 2022-06-02 | CVE-2022-29483 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 7.8 |
| 2022-06-02 | CVE-2022-31500 | Incorrect Default Permissions vulnerability in Knime Analytics Platform In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions. | 7.8 |
| 2022-05-23 | CVE-2022-28999 | Incorrect Default Permissions vulnerability in Bloodshed Dev-C++ 4.9.9.2 Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe. | 8.8 |
| 2022-05-23 | CVE-2022-29376 | Incorrect Default Permissions vulnerability in Apachefriends Xampp Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory. | 8.8 |
| 2022-05-23 | CVE-2022-28932 | Incorrect Default Permissions vulnerability in Dlink Dsl-G2452Dg Firmware D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions. | 9.8 |
| 2022-05-17 | CVE-2022-0486 | Incorrect Default Permissions vulnerability in Fidelissecurity Deception and Network Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. | 7.8 |
| 2022-05-17 | CVE-2022-0997 | Incorrect Default Permissions vulnerability in Fidelissecurity Deception and Network Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. | 7.8 |