Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2020-13551 | Incorrect Default Permissions vulnerability in Advantech Webaccess/Scada 9.0.1 An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. | 8.8 |
| 2021-02-17 | CVE-2020-8765 | Incorrect Default Permissions vulnerability in Intel Realsense Depth Camera Manager 1.5/2.2 Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2021-02-17 | CVE-2020-8701 | Incorrect Default Permissions vulnerability in Intel Solid-State Drive Toolbox 1.0/3.3.6 Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2021-02-17 | CVE-2020-0524 | Incorrect Default Permissions vulnerability in Intel Ethernet Controller I210 Firmware Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2021-02-17 | CVE-2021-20653 | Incorrect Default Permissions vulnerability in NEC products Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors. | 5.3 |
| 2021-02-09 | CVE-2020-16144 | Incorrect Default Permissions vulnerability in Owncloud Files Antivirus When using an object storage like S3 as the file store, when a user creates a public link to a folder where anonymous users can upload files, and another user uploads a virus the files antivirus app would detect the virus but fails to delete it due to permission issues. | 5.7 |
| 2021-02-09 | CVE-2021-3394 | Incorrect Default Permissions vulnerability in Millewin 13.39.028/13.39.146.1/13.39.28.3342 Millennium Millewin (also known as "Cartella clinica") 13.39.028, 13.39.28.3342, and 13.39.146.1 has insecure folder permissions allowing a malicious user for a local privilege escalation. | 8.8 |
| 2021-02-08 | CVE-2021-21436 | Incorrect Default Permissions vulnerability in Otrs CIS in Customer Frontend 7.0.0/7.0.14 Agents are able to see and link Config Items without permissions, which are defined in General Catalog. | 4.3 |
| 2021-02-03 | CVE-2020-29582 | Incorrect Default Permissions vulnerability in multiple products In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. | 5.3 |
| 2021-02-03 | CVE-2020-25208 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions. | 5.3 |