Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-12 | CVE-2021-31519 | Incorrect Default Permissions vulnerability in Trendmicro Housecall for Home Networks 5.3.0.1063 An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. | 4.4 |
| 2021-05-05 | CVE-2021-25317 | Incorrect Default Permissions vulnerability in multiple products A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. | 3.3 |
| 2021-05-05 | CVE-2021-25319 | Incorrect Default Permissions vulnerability in Opensuse Factory A Incorrect Default Permissions vulnerability in the packaging of virtualbox of openSUSE Factory allows local attackers in the vboxusers groupu to escalate to root. | 7.2 |
| 2021-05-04 | CVE-2021-26804 | Incorrect Default Permissions vulnerability in Centreon web 19.10.18/20.04.8/20.10.2 Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote attackers to bypass validation by changing any file extension to ".gif", then uploading it in the "Administration/ Parameters/ Images" section of the application. | 6.5 |
| 2021-04-27 | CVE-2021-3451 | Incorrect Default Permissions vulnerability in Lenovo Pcmanager 3.0.200.2042/3.0.50.9162 A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252, that could allow configuration files to be written to non-standard locations. | 2.1 |
| 2021-04-27 | CVE-2021-28271 | Incorrect Default Permissions vulnerability in Soyal 701Clientsql, 701Server and 701Serversql Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. | 6.5 |
| 2021-04-26 | CVE-2021-20532 | Incorrect Default Permissions vulnerability in IBM products IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. | 7.2 |
| 2021-04-22 | CVE-2021-0246 | Incorrect Default Permissions vulnerability in Juniper Junos 18.3/18.4/19.1 On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, devices using tenant services on Juniper Networks Junos OS, due to incorrect default permissions assigned to tenant system administrators a tenant system administrator may inadvertently send their network traffic to one or more tenants while concurrently modifying the overall device system traffic management, affecting all tenants and the service provider. | 4.6 |
| 2021-04-22 | CVE-2021-0235 | Incorrect Default Permissions vulnerability in Juniper Junos On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series devices using tenant services on Juniper Networks Junos OS, due to incorrect permission scheme assigned to tenant system administrators, a tenant system administrator may inadvertently send their network traffic to one or more tenants while concurrently modifying the overall device system traffic management, affecting all tenants and the service provider. | 4.6 |
| 2021-04-21 | CVE-2020-27569 | Incorrect Default Permissions vulnerability in Aviatrix Openvpn Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. | 5.0 |