Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-22 | CVE-2020-8903 | Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. | 7.8 |
| 2020-06-22 | CVE-2020-3626 | Incorrect Default Permissions vulnerability in Qualcomm products Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.8 |
| 2020-06-19 | CVE-2017-18915 | Incorrect Default Permissions vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. | 9.8 |
| 2020-06-19 | CVE-2019-20889 | Incorrect Default Permissions vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. | 5.3 |
| 2020-06-19 | CVE-2019-20882 | Incorrect Default Permissions vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.8.0. | 5.3 |
| 2020-06-19 | CVE-2020-14019 | Incorrect Default Permissions vulnerability in Rtslib-Fb Project Rtslib-Fb Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved. | 7.8 |
| 2020-06-17 | CVE-2019-9943 | Incorrect Default Permissions vulnerability in Openmicroscopy Omero.Server 5.6.0 In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled. | 7.5 |
| 2020-06-15 | CVE-2020-14156 | Incorrect Default Permissions vulnerability in Openbmc-Project Openbmc user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions. | 8.8 |
| 2020-06-11 | CVE-2020-0215 | Incorrect Default Permissions vulnerability in Google Android In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. | 7.8 |
| 2020-06-11 | CVE-2020-0209 | Incorrect Default Permissions vulnerability in Google Android 10.0 In multiple functions of AccountManager.java, there is a possible permissions bypass. | 7.8 |