Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-23 | CVE-2019-14718 | Incorrect Default Permissions vulnerability in Verifone Mx900 Firmware 30251000 Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation. | 6.7 |
| 2020-10-22 | CVE-2020-27665 | Incorrect Default Permissions vulnerability in Strapi In Strapi before 3.2.5, there is no admin::hasPermissions restriction for CTB (aka content-type-builder) routes. | 7.5 |
| 2020-10-21 | CVE-2020-17381 | Incorrect Default Permissions vulnerability in Ghisler Total Commander 9.51 An issue was discovered in Ghisler Total Commander 9.51. | 7.3 |
| 2020-09-24 | CVE-2020-15843 | Incorrect Default Permissions vulnerability in Actfax 7.10 ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client\, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal\. | 7.3 |
| 2020-09-24 | CVE-2020-15850 | Incorrect Default Permissions vulnerability in Nakivo Backup & Replication Director 9.4.0.R43656 Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. | 7.8 |
| 2020-09-24 | CVE-2020-26088 | Incorrect Default Permissions vulnerability in multiple products A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. | 5.5 |
| 2020-09-18 | CVE-2020-0294 | Incorrect Default Permissions vulnerability in Google Android 11.0 In bindWallpaperComponentLocked of WallpaperManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. | 5.5 |
| 2020-09-17 | CVE-2020-0374 | Incorrect Default Permissions vulnerability in Google Android 11.0 In NFC, there is a possible permission bypass due to an unsafe PendingIntent. | 7.8 |
| 2020-09-17 | CVE-2020-0275 | Incorrect Default Permissions vulnerability in Google Android 11.0 In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. | 7.8 |
| 2020-09-17 | CVE-2020-0390 | Incorrect Default Permissions vulnerability in Google Android 10.0/11.0 In the app zygote SE Policy, there is a possible permissions bypass. | 5.5 |