Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-22 | CVE-2020-6527 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 4.3 |
| 2020-07-20 | CVE-2020-15852 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. | 7.8 |
| 2020-07-17 | CVE-2020-0122 | Incorrect Default Permissions vulnerability in Google Android In the permission declaration for com.google.android.providers.gsf.permission.WRITE_GSERVICES in AndroidManifest.xml, there is a possible permissions bypass. | 7.2 |
| 2020-07-17 | CVE-2020-0107 | Incorrect Default Permissions vulnerability in Google Android 10.0 In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to improper input validation. | 2.1 |
| 2020-07-15 | CVE-2020-6165 | Incorrect Default Permissions vulnerability in Silverstripe SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. | 5.0 |
| 2020-07-14 | CVE-2020-11955 | Incorrect Default Permissions vulnerability in Rittal products An issue was discovered on Rittal PDU-3C002DEC through 5.15.70 and CMCIII-PU-9333E0FB through 3.15.70 devices. | 9.0 |
| 2020-07-09 | CVE-2020-12415 | Incorrect Default Permissions vulnerability in multiple products When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. | 6.5 |
| 2020-07-09 | CVE-2020-12424 | Incorrect Default Permissions vulnerability in multiple products When constructing a permission prompt for WebRTC, a URI was supplied from the content process. | 6.5 |
| 2020-07-08 | CVE-2020-5974 | Incorrect Default Permissions vulnerability in Nvidia Jetpack Software Development KIT 4.2/4.3 NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges. | 4.6 |
| 2020-07-07 | CVE-2020-15578 | Incorrect Default Permissions vulnerability in Google Android 8.0/8.1 An issue was discovered on Samsung mobile devices with O(8.x) software. | 2.1 |