Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-01 | CVE-2020-5906 | Incorrect Default Permissions vulnerability in F5 products In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. | 8.1 |
| 2020-06-26 | CVE-2020-15351 | Incorrect Default Permissions vulnerability in Idrive IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. | 7.8 |
| 2020-06-22 | CVE-2020-8933 | Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. | 7.8 |
| 2020-06-22 | CVE-2020-8907 | Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. | 7.8 |
| 2020-06-22 | CVE-2020-8903 | Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. | 7.8 |
| 2020-06-22 | CVE-2020-3626 | Incorrect Default Permissions vulnerability in Qualcomm products Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.8 |
| 2020-06-19 | CVE-2017-18915 | Incorrect Default Permissions vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. | 9.8 |
| 2020-06-19 | CVE-2019-20889 | Incorrect Default Permissions vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. | 5.3 |
| 2020-06-19 | CVE-2019-20882 | Incorrect Default Permissions vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.8.0. | 5.3 |
| 2020-06-19 | CVE-2020-14019 | Incorrect Default Permissions vulnerability in Rtslib-Fb Project Rtslib-Fb Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved. | 7.8 |