Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-01 | CVE-2019-20468 | Incorrect Default Permissions vulnerability in Tk-Star Q90 Junior GPS Horloge Firmware 3.1042.9.8656 An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. | 9.8 |
| 2021-01-26 | CVE-2020-26941 | Incorrect Default Permissions vulnerability in Eset products A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. | 5.5 |
| 2021-01-19 | CVE-2020-11997 | Incorrect Default Permissions vulnerability in Apache Guacamole Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. | 4.3 |
| 2021-01-11 | CVE-2020-13922 | Incorrect Default Permissions vulnerability in Apache Dolphinscheduler 1.2.0/1.2.1/1.3.1 Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface. | 6.5 |
| 2021-01-08 | CVE-2021-1056 | Incorrect Default Permissions vulnerability in multiple products NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. | 7.1 |
| 2021-01-07 | CVE-2020-13452 | Incorrect Default Permissions vulnerability in Thecodingmachine Gotenberg In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution. | 9.8 |
| 2021-01-05 | CVE-2020-13541 | Incorrect Default Permissions vulnerability in Win911 Mobile-911 Server 2.5 An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. | 8.8 |
| 2021-01-05 | CVE-2020-13540 | Incorrect Default Permissions vulnerability in Win911 Win-911 4.20.13 An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via WIN-911 Account Change Utility. | 7.8 |
| 2021-01-05 | CVE-2020-13539 | Incorrect Default Permissions vulnerability in Win911 Win-911 4.20.13 An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via “WIN-911 Mobile Runtime” service. | 7.8 |
| 2021-01-04 | CVE-2020-29492 | Incorrect Default Permissions vulnerability in Dell Wyse Thinos 8.6 Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. | 10.0 |