Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-01 | CVE-2021-41652 | Incorrect Default Permissions vulnerability in Batflat 1.3.6 Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allows attackers to dump the entire database. | 7.5 |
| 2022-02-25 | CVE-2021-37103 | Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI There is an improper permission management vulnerability in the Wallet apps. | 5.5 |
| 2022-02-25 | CVE-2022-24337 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions. | 6.5 |
| 2022-02-25 | CVE-2022-24343 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only permissions. | 4.3 |
| 2022-02-25 | CVE-2022-25327 | Incorrect Default Permissions vulnerability in Google Fscrypt The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in. | 5.5 |
| 2022-02-24 | CVE-2022-23104 | Incorrect Default Permissions vulnerability in Win-911 2021 R1 and Win-911 2021 R2 WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the program Operator Workspace directory, which holds DLL files and executables. | 7.8 |
| 2022-02-24 | CVE-2022-23922 | Incorrect Default Permissions vulnerability in Win-911 2021 R1 and Win-911 2021 R2 WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the Program Announcer directory and elevate permissions whenever the program is executed. | 7.8 |
| 2022-02-20 | CVE-2021-45083 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Cobbler before 3.3.1. | 7.1 |
| 2022-02-18 | CVE-2021-3948 | Incorrect Default Permissions vulnerability in multiple products An incorrect default permissions vulnerability was found in the mig-controller. | 6.3 |
| 2022-02-17 | CVE-2021-3155 | Incorrect Default Permissions vulnerability in Canonical Snapd snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions. | 5.5 |