Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-20 | CVE-2023-3116 | Incorrect Default Permissions vulnerability in Openharmony in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions. | 7.1 |
2023-11-20 | CVE-2023-42774 | Incorrect Default Permissions vulnerability in Openharmony in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions. | 5.5 |
2023-11-18 | CVE-2023-40363 | Incorrect Default Permissions vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. | 6.5 |
2023-11-17 | CVE-2023-48648 | Incorrect Default Permissions vulnerability in Concretecms Concrete CMS Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. | 9.8 |
2023-11-16 | CVE-2023-47335 | Incorrect Default Permissions vulnerability in Autelrobotics EVO Nano Drone Firmware 1.6.5 Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows attackers to breach the geo-fence and fly into no-fly zones. | 6.5 |
2023-11-14 | CVE-2023-27305 | Incorrect Default Permissions vulnerability in Intel ARC a Graphics and Iris XE Graphics Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-14 | CVE-2023-32638 | Incorrect Default Permissions vulnerability in Intel ARC RGB Controller 1.03 Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2023-11-09 | CVE-2023-46743 | Incorrect Default Permissions vulnerability in Xwiki Application-Collabora application-collabora is an integration of Collabora Online in XWiki. | 4.3 |
2023-11-03 | CVE-2023-41726 | Incorrect Default Permissions vulnerability in Ivanti Avalanche Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability | 7.8 |
2023-11-03 | CVE-2023-4091 | Incorrect Default Permissions vulnerability in multiple products A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". | 6.5 |