Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-6165 | Incorrect Default Permissions vulnerability in Silverstripe SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. | 5.3 |
| 2020-07-14 | CVE-2020-11955 | Incorrect Default Permissions vulnerability in Rittal products An issue was discovered on Rittal PDU-3C002DEC through 5.15.70 and CMCIII-PU-9333E0FB through 3.15.70 devices. | 8.8 |
| 2020-07-09 | CVE-2020-12415 | Incorrect Default Permissions vulnerability in multiple products When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. | 6.5 |
| 2020-07-09 | CVE-2020-12424 | Incorrect Default Permissions vulnerability in multiple products When constructing a permission prompt for WebRTC, a URI was supplied from the content process. | 6.5 |
| 2020-07-08 | CVE-2020-5974 | Incorrect Default Permissions vulnerability in Nvidia Jetpack Software Development KIT 4.2/4.3 NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges. | 7.8 |
| 2020-07-07 | CVE-2020-15578 | Incorrect Default Permissions vulnerability in Google Android 8.0/8.1 An issue was discovered on Samsung mobile devices with O(8.x) software. | 5.5 |
| 2020-07-01 | CVE-2020-5906 | Incorrect Default Permissions vulnerability in F5 products In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. | 8.1 |
| 2020-06-26 | CVE-2020-15351 | Incorrect Default Permissions vulnerability in Idrive IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. | 7.8 |
| 2020-06-22 | CVE-2020-8933 | Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. | 7.8 |
| 2020-06-22 | CVE-2020-8907 | Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. | 7.8 |