Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2021-07-14 CVE-2021-0603 Incorrect Default Permissions vulnerability in Google Android 11.0
In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack.
local
google CWE-276
4.4
4.4
2021-07-13 CVE-2021-31217 Incorrect Default Permissions vulnerability in Solarwinds Dameware Mini Remote Control 12.0.1.200
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
network
low complexity
solarwinds CWE-276
critical
 9.4
9.4
2021-07-09 CVE-2021-33214 Incorrect Default Permissions vulnerability in Hms-Networks Ecatcher
In HMS Ewon eCatcher through 6.6.4, weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation. 		6.0
6.0
2021-07-07 CVE-2021-26274 Incorrect Default Permissions vulnerability in Ninjarmm 5.0.909
The Agent in NinjaRMM 5.0.909 has Insecure Permissions.
local
low complexity
ninjarmm CWE-276
3.6
3.6
2021-06-30 CVE-2021-22346 Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI
There is an Improper Permission Management Vulnerability in Huawei Smartphone.
network
low complexity
huawei CWE-276
5.0
5.0
2021-06-30 CVE-2021-22368 Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI
There is a Permission Control Vulnerability in Huawei Smartphone.
network
low complexity
huawei CWE-276
5.0
5.0
2021-06-30 CVE-2021-22371 Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI
There is an Improper Permission Management Vulnerability in Huawei Smartphone.
network
low complexity
huawei CWE-276
5.0
5.0
2021-06-29 CVE-2021-20490 Incorrect Default Permissions vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.8 could allow a local user to cause a denial of service due to insecure file permission settings.
local
low complexity
ibm CWE-276
2.1
2.1
2021-06-24 CVE-2021-21737 Incorrect Default Permissions vulnerability in ZTE Zxv10 B860H V5.0 Firmware V83011303.0010/V83011303.0016
A smart STB product of ZTE is impacted by a permission and access control vulnerability.
network
low complexity
zte CWE-276
5.0
5.0
2021-06-22 CVE-2021-34395 Incorrect Default Permissions vulnerability in Nvidia Jetson Linux
Trusty TLK contains a vulnerability in its access permission settings where it does not properly restrict access to a resource from a user with local privileges, which might lead to limited information disclosure, a low risk of modifcations to data, and limited denial of service.
local
low complexity
nvidia CWE-276
4.6
4.6