Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-30 | CVE-2022-4575 | Incorrect Default Permissions vulnerability in Lenovo products A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or local access and elevated privileges the ability to bypass Secure Boot. | 6.7 |
2023-10-25 | CVE-2023-3112 | Incorrect Default Permissions vulnerability in Ellipticlabs AI Virtual Presence Sensor and Virtual Lock Sensor A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an attacker with local access to execute code with elevated privileges. | 7.8 |
2023-10-25 | CVE-2023-45990 | Incorrect Default Permissions vulnerability in Wenwen-Ai Wenwenai CMS 1.0 Insecure Permissions vulnerability in WenwenaiCMS v.1.0 allows a remote attacker to escalate privileges. | 8.0 |
2023-10-19 | CVE-2022-42150 | Incorrect Default Permissions vulnerability in Tinylab Cloud LAB and Linux LAB TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions. | 10.0 |
2023-10-19 | CVE-2023-35181 | Incorrect Default Permissions vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. | 7.8 |
2023-10-19 | CVE-2023-35183 | Incorrect Default Permissions vulnerability in Solarwinds Access Rights Manager The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. | 7.8 |
2023-10-17 | CVE-2023-27133 | Incorrect Default Permissions vulnerability in Tsplus Remote Work TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\TSplus-RemoteWork\Clients\www folder. | 9.8 |
2023-10-16 | CVE-2023-45690 | Incorrect Default Permissions vulnerability in Southrivertech Titan FTP Server and Titan MFT Server Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem | 4.9 |
2023-10-13 | CVE-2023-44194 | Incorrect Default Permissions vulnerability in Juniper Junos An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. | 7.8 |
2023-10-09 | CVE-2022-3431 | Incorrect Default Permissions vulnerability in Lenovo products A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. | 7.8 |