Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-01 | CVE-2020-24584 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). | 7.5 |
| 2020-09-01 | CVE-2020-24583 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). | 7.5 |
| 2020-08-31 | CVE-2020-13468 | Incorrect Default Permissions vulnerability in Gigadevice Gd32F130 Firmware Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires (which have insufficient physical protection). | 6.8 |
| 2020-08-27 | CVE-2020-24717 | Incorrect Default Permissions vulnerability in Openzfs OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777. | 7.8 |
| 2020-08-26 | CVE-2020-3485 | Incorrect Default Permissions vulnerability in Cisco Vision Dynamic Signage Director 6.2.0 A vulnerability in the role-based access control (RBAC) functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. | 6.3 |
| 2020-08-26 | CVE-2020-3484 | Incorrect Default Permissions vulnerability in Cisco Vision Dynamic Signage Director 6.2(0) A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to view potentially sensitive information on an affected device. | 5.3 |
| 2020-08-26 | CVE-2020-3152 | Incorrect Default Permissions vulnerability in Cisco Connected Mobile Experiences 10.6.0/10.6.1/10.6.2 A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow an authenticated, local attacker with administrative credentials to execute arbitrary commands with root privileges. | 6.7 |
| 2020-08-25 | CVE-2020-7824 | Incorrect Default Permissions vulnerability in Ericssonlg Ipecs A vulnerability in the web-based management interface of iPECS could allow an authenticated, remote attacker to get administrator permission. | 6.5 |
| 2020-08-13 | CVE-2020-8763 | Incorrect Default Permissions vulnerability in Intel products Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-08-13 | CVE-2020-8743 | Incorrect Default Permissions vulnerability in Intel Mailbox Interface Driver Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |