Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-25 | CVE-2021-25355 | Incorrect Default Permissions vulnerability in Samsung Notes 2.0.02.31 Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | 4.6 |
2021-03-22 | CVE-2021-22311 | Incorrect Default Permissions vulnerability in Huawei Manageone 8.0.0/8.0.1 There is an improper permission assignment vulnerability in Huawei ManageOne product. | 6.5 |
2021-03-22 | CVE-2021-21438 | Incorrect Default Permissions vulnerability in Otrs FAQ and Otrs Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). | 4.0 |
2021-03-11 | CVE-2020-4976 | Incorrect Default Permissions vulnerability in multiple products IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to read and write specific files due to weak file permissions. | 3.6 |
2021-03-10 | CVE-2021-0381 | Incorrect Default Permissions vulnerability in Google Android 11.0 In updateNotifications of DeviceStorageMonitorService.java, there is a possible permission bypass due to an unsafe PendingIntent. | 2.1 |
2021-03-09 | CVE-2020-8357 | Incorrect Default Permissions vulnerability in Lenovo Pcmanager 3.0.50.9162 A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042, that could allow configuration files to be written to non-standard locations. | 2.1 |
2021-03-04 | CVE-2021-25344 | Incorrect Default Permissions vulnerability in Google Android 10.0/11.0 Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission. | 2.1 |
2021-03-04 | CVE-2021-24032 | Incorrect Default Permissions vulnerability in Facebook Zstandard 1.4.1/1.4.2 Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. | 1.9 |
2021-03-04 | CVE-2021-24031 | Incorrect Default Permissions vulnerability in Facebook Zstandard In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. | 2.1 |
2021-03-03 | CVE-2020-13554 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 7.8 |