Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2021-33506 | Incorrect Default Permissions vulnerability in 8X8 Jitsi Meet jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure that restrict_room_creation is set by default. | 7.5 |
| 2021-05-26 | CVE-2021-33038 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4. | 7.5 |
| 2021-05-25 | CVE-2020-13599 | Incorrect Default Permissions vulnerability in Zephyrproject Zephyr Security problem with settings and littlefs. | 3.3 |
| 2021-05-25 | CVE-2020-9450 | Incorrect Default Permissions vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 7.8 |
| 2021-05-25 | CVE-2020-9451 | Incorrect Default Permissions vulnerability in Acronis True Image 2020 24.5.22510 An issue was discovered in Acronis True Image 2020 24.5.22510. | 5.5 |
| 2021-05-24 | CVE-2020-28906 | Incorrect Default Permissions vulnerability in Nagios Fusion and Nagios XI Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root. | 8.8 |
| 2021-05-17 | CVE-2020-13667 | Incorrect Default Permissions vulnerability in Drupal Access bypass vulnerability in of Drupal Core Workspaces allows an attacker to access data without correct permissions. | 5.3 |
| 2021-05-17 | CVE-2021-29052 | Incorrect Default Permissions vulnerability in Liferay DXP and Liferay Portal The Data Engine module in Liferay Portal 7.3.0 through 7.3.5, and Liferay DXP 7.3 before fix pack 1 does not check permissions in DataDefinitionResourceImpl.getSiteDataDefinitionByContentTypeByDataDefinitionKey, which allows remote authenticated users to view DDMStructures via GET API calls. | 4.3 |
| 2021-05-13 | CVE-2020-21342 | Incorrect Default Permissions vulnerability in Zzcms 201910 Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php. | 7.5 |
| 2021-05-12 | CVE-2021-28649 | Incorrect Default Permissions vulnerability in Trendmicro Housecall for Home Networks 5.3.0.1063/5.3.1179 An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. | 7.3 |