Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-19 | CVE-2020-12510 | Incorrect Default Permissions vulnerability in Beckhoff Twincat Extended Automation Runtime 3.1 The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. | 7.3 |
| 2020-11-17 | CVE-2020-13351 | Incorrect Default Permissions vulnerability in Gitlab Insufficient permission checks in scheduled pipeline API in GitLab CE/EE 13.0+ allows an attacker to read variable names and values for scheduled pipelines on projects visible to the attacker. | 6.5 |
| 2020-11-12 | CVE-2020-24460 | Incorrect Default Permissions vulnerability in Intel Driver & Support Assistant Incorrect default permissions in the Intel(R) DSA before version 20.8.30.6 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2020-11-12 | CVE-2020-24456 | Incorrect Default Permissions vulnerability in Intel Board ID Tool 1.01 Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-12346 | Incorrect Default Permissions vulnerability in Intel Battery Life Diagnostic Tool Improper permissions in the installer for the Intel(R) Battery Life Diagnostic Tool before version 1.0.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-13770 | Incorrect Default Permissions vulnerability in Ivanti Endpoint Manager Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. | 7.8 |
| 2020-11-12 | CVE-2020-12354 | Incorrect Default Permissions vulnerability in Intel Active Management Technology Software Development KIT Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-12307 | Incorrect Default Permissions vulnerability in Intel High Definition Audio Driver Improper permissions in some Intel(R) High Definition Audio drivers before version 9.21.00.4561 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-12306 | Incorrect Default Permissions vulnerability in Intel Realsense D400 Series Dynamic Calibration Tool Incorrect default permissions in the Intel(R) RealSense(TM) D400 Series Dynamic Calibration Tool before version 2.11, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-10 | CVE-2020-26809 | Incorrect Default Permissions vulnerability in SAP Commerce Cloud SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass existing authentication and permission checks via the '/medias' endpoint hence gaining access to Secure Media folders. | 5.3 |