Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2024-08-14 CVE-2024-26025 Incorrect Default Permissions vulnerability in Intel Advisor and Oneapi Base Toolkit
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8
2024-08-14 CVE-2024-27461 Incorrect Default Permissions vulnerability in Intel Memory and Storage Tool GUI
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel CWE-276
5.5
5.5
2024-08-13 CVE-2023-31349 Incorrect Default Permissions vulnerability in AMD Uprof
Incorrect default permissions in the AMD µProf installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
local
low complexity
amd CWE-276
7.8
7.8
2024-08-07 CVE-2024-34616 Incorrect Default Permissions vulnerability in Samsung Android 12.0/13.0/14.0
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.
local
low complexity
samsung CWE-276
5.5
5.5
2024-08-07 CVE-2024-34617 Incorrect Default Permissions vulnerability in Samsung Android 14.0
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.
local
low complexity
samsung CWE-276
3.3
3.3
2024-08-06 CVE-2024-43114 Incorrect Default Permissions vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
local
low complexity
jetbrains CWE-276
7.8
7.8
2024-08-06 CVE-2024-7525 Incorrect Default Permissions vulnerability in Mozilla Firefox
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site.
network
low complexity
mozilla CWE-276
8.1
8.1
2024-07-31 CVE-2024-6974 Incorrect Default Permissions vulnerability in Catonetworks Cato Client
Cato Networks Windows SDP Client Local Privilege Escalation via self-upgradeThis issue affects SDP Client: before 5.10.34.
local
low complexity
catonetworks CWE-276
7.8
7.8
2024-07-29 CVE-2024-27888 Incorrect Default Permissions vulnerability in Apple Macos
A permissions issue was addressed by removing vulnerable code and adding additional checks.
local
low complexity
apple CWE-276
5.5
5.5
2024-07-29 CVE-2024-40805 Incorrect Default Permissions vulnerability in Apple products
A permissions issue was addressed with additional restrictions.
local
low complexity
apple CWE-276
7.1
7.1