Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-27840 | Incorrect Default Permissions vulnerability in Samsung Recovery Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission. | 4.4 |
| 2022-04-10 | CVE-2022-27958 | Incorrect Default Permissions vulnerability in Febs-Security Project Febs-Security 1.0 Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security v1.0 allows attackers to access and arbitrarily modify users' personal information. | 5.4 |
| 2022-04-10 | CVE-2022-27960 | Incorrect Default Permissions vulnerability in Ofcms Project Ofcms 1.1.4 Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users' personal information. | 5.4 |
| 2022-04-08 | CVE-2022-26855 | Incorrect Default Permissions vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. | 5.5 |
| 2022-04-04 | CVE-2022-27649 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. | 7.5 |
| 2022-04-04 | CVE-2022-27650 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in crun where containers were incorrectly started with non-empty default permissions. | 7.5 |
| 2022-04-04 | CVE-2022-27651 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. | 6.8 |
| 2022-03-30 | CVE-2021-1000 | Incorrect Default Permissions vulnerability in Google Android 12.1 In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent. | 7.8 |
| 2022-03-30 | CVE-2021-1033 | Incorrect Default Permissions vulnerability in Google Android 12.1 In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission bypass due to an unsafe PendingIntent. | 7.8 |
| 2022-03-30 | CVE-2021-39747 | Incorrect Default Permissions vulnerability in Google Android 12.1 In Settings Provider, there is a possible way to list values of non-readable global settings due to a permissions bypass. | 5.5 |