Vulnerabilities > Incorrect Default Permissions

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-19	CVE-2022-26595	Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI. network low complexity liferay CWE-276	4.3
2022-04-18	CVE-2011-1762	Incorrect Default Permissions vulnerability in Wordpress A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. network low complexity wordpress CWE-276	6.5
2022-04-18	CVE-2022-27652	Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. local low complexity kubernetes fedoraproject mobyproject redhat CWE-276	5.3
2022-04-12	CVE-2021-39794	Incorrect Default Permissions vulnerability in Google Android 11.0/12.0/12.1 In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. local low complexity google CWE-276	7.8
2022-04-11	CVE-2022-24804	Incorrect Default Permissions vulnerability in Discourse Discourse is an open source platform for community discussion. network low complexity discourse CWE-276	5.3
2022-04-11	CVE-2022-27840	Incorrect Default Permissions vulnerability in Samsung Recovery Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission. local low complexity samsung CWE-276	4.4
2022-04-10	CVE-2022-27958	Incorrect Default Permissions vulnerability in Febs-Security Project Febs-Security 1.0 Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security v1.0 allows attackers to access and arbitrarily modify users' personal information. network low complexity febs-security-project CWE-276	5.4
2022-04-10	CVE-2022-27960	Incorrect Default Permissions vulnerability in Ofcms Project Ofcms 1.1.4 Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users' personal information. network low complexity ofcms-project CWE-276	5.4
2022-04-08	CVE-2022-26855	Incorrect Default Permissions vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions vulnerability. local low complexity dell CWE-276	5.5
2022-04-04	CVE-2022-27649	Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. network high complexity podman-project redhat fedoraproject CWE-276	7.5