Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-17 | CVE-2022-25364 | Incorrect Default Permissions vulnerability in Gradle Enterprise In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed anonymous write access. | 8.1 |
| 2022-03-16 | CVE-2021-39694 | Incorrect Default Permissions vulnerability in Google Android 12.0 In parse of RoleParser.java, there is a possible way for default apps to get permissions explicitly denied by the user due to a permissions bypass. | 7.8 |
| 2022-03-10 | CVE-2021-44215 | Incorrect Default Permissions vulnerability in Northern.Tech Cfengine Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow unauthorized local users to have an unspecified impact. | 5.5 |
| 2022-03-10 | CVE-2021-44216 | Incorrect Default Permissions vulnerability in Northern.Tech Cfengine Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions that may allow unauthorized local users to access the Apache and Mission Portal log files. | 5.5 |
| 2022-03-10 | CVE-2021-40049 | Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI There is a permission control vulnerability in the PMS module. | 7.5 |
| 2022-03-10 | CVE-2021-40053 | Incorrect Default Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity. | 9.1 |
| 2022-03-10 | CVE-2021-40059 | Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI There is a permission control vulnerability in the Wi-Fi module. | 6.5 |
| 2022-03-10 | CVE-2021-32006 | Incorrect Default Permissions vulnerability in Secomea Gatemanager 9.6.621421014 This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. | 4.3 |
| 2022-03-09 | CVE-2022-25943 | Incorrect Default Permissions vulnerability in Kingsoft WPS Office The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. | 7.8 |
| 2022-03-02 | CVE-2021-38268 | Incorrect Default Permissions vulnerability in Liferay Digital Experience Platform and Liferay Portal The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.6, and Liferay DXP 7.0 before fix pack 101, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 2 incorrectly sets default permissions for site members, which allows remote authenticated users with the site member role to add and duplicate forms, via the UI or the API. | 6.5 |