Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-06 | CVE-2023-46773 | Incorrect Default Permissions vulnerability in Huawei Emui and Harmonyos Permission management vulnerability in the PMS module. | 9.8 |
| 2023-12-05 | CVE-2023-37572 | Incorrect Default Permissions vulnerability in Softing OPC Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. | 7.5 |
| 2023-11-29 | CVE-2023-47462 | Incorrect Default Permissions vulnerability in Gl-Inet Gl-Ax1800 Firmware Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker to execute arbitrary code via the file sharing function. | 9.8 |
| 2023-11-27 | CVE-2023-42501 | Incorrect Default Permissions vulnerability in Apache Superset Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version or above 2.1.2 and run `superset init` to reconstruct the Gamma role or remove `can_read` permission from the mentioned resources. | 4.3 |
| 2023-11-22 | CVE-2023-47250 | Incorrect Default Permissions vulnerability in M-Privacy Mprivacy-Tools, Rsbac-Policy-Tgpro and Tightgatevnc In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers (with access to a VNC session) to access the X11 desktops of other users by specifying their DISPLAY ID. | 8.8 |
| 2023-11-22 | CVE-2023-43081 | Incorrect Default Permissions vulnerability in Dell Powerprotect Agent for File System PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. | 3.3 |
| 2023-11-20 | CVE-2023-3116 | Incorrect Default Permissions vulnerability in Openatom Openharmony in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions. | 7.1 |
| 2023-11-20 | CVE-2023-42774 | Incorrect Default Permissions vulnerability in Openatom Openharmony in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions. | 5.5 |
| 2023-11-18 | CVE-2023-40363 | Incorrect Default Permissions vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. | 6.5 |
| 2023-11-17 | CVE-2023-48648 | Incorrect Default Permissions vulnerability in Concretecms Concrete CMS Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. | 9.8 |