Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-30 | CVE-2021-39779 | Incorrect Default Permissions vulnerability in Google Android 12.0 In getCallStateUsingPackage of Telecom Service, there is a missing permission check. | 5.5 |
| 2022-03-30 | CVE-2021-39780 | Incorrect Default Permissions vulnerability in Google Android 12.0 In Traceur, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. | 7.8 |
| 2022-03-29 | CVE-2022-22948 | Incorrect Default Permissions vulnerability in VMWare Vcenter Server 6.5/6.7/7.0 The vCenter Server contains an information disclosure vulnerability due to improper permission of files. | 6.5 |
| 2022-03-29 | CVE-2022-26839 | Incorrect Default Permissions vulnerability in Deltaww Diaenergie 1.08.00/1.7.5/1.8.0 Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect default permission in the DIAEnergie application, which may allow an attacker to plant new files (such as DLLs) or replace existing executable files. | 7.8 |
| 2022-03-25 | CVE-2021-40904 | Incorrect Default Permissions vulnerability in Checkmk 1.5.0 The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded php code. | 8.8 |
| 2022-03-25 | CVE-2021-44905 | Incorrect Default Permissions vulnerability in CEF Fortessa Ftbtld Firmware Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13-2022 allows a remote attacker to disable the lock via an unauthenticated edit to the lock name. | 8.2 |
| 2022-03-25 | CVE-2022-27919 | Incorrect Default Permissions vulnerability in Gradle Enterprise Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. | 9.8 |
| 2022-03-25 | CVE-2021-44751 | Incorrect Default Permissions vulnerability in F-Secure Safe 17.9/18.4.0 A vulnerability affecting F-Secure SAFE browser was discovered. | 5.3 |
| 2022-03-21 | CVE-2022-25570 | Incorrect Default Permissions vulnerability in Clickstudios Passwordstate 9.4 In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain access to additional password lists without permissions. | 6.5 |
| 2022-03-18 | CVE-2021-22571 | Incorrect Default Permissions vulnerability in Google Sa360 Webquery to Bigquery Exporter A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. | 5.5 |