Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2024-07-16 CVE-2024-3779 Incorrect Default Permissions vulnerability in Eset products
Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.
local
low complexity
eset CWE-276
5.5
5.5
2024-07-09 CVE-2024-31312 Incorrect Default Permissions vulnerability in Google Android
In multiple locations, there is a possible information leak due to a missing permission check.
local
low complexity
google CWE-276
5.5
5.5
2024-07-09 CVE-2024-22062 Incorrect Default Permissions vulnerability in ZTE Zxcloud Irai
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration.
local
low complexity
zte CWE-276
8.8
8.8
2024-06-12 CVE-2024-37038 Incorrect Default Permissions vulnerability in Schneider-Electric Sage RTU Firmware
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.
network
low complexity
schneider-electric CWE-276
8.8
8.8
2024-05-16 CVE-2023-24460 Incorrect Default Permissions vulnerability in Intel Graphics Performance Analyzers
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8
2024-05-16 CVE-2023-43629 Incorrect Default Permissions vulnerability in Intel Graphics Performance Analyzers
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8
2024-04-19 CVE-2024-29962 Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable.
local
low complexity
broadcom CWE-276
5.5
5.5
2024-04-19 CVE-2024-29967 Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files.
local
low complexity
broadcom CWE-276
6.0
6.0
2024-03-08 CVE-2024-23201 Incorrect Default Permissions vulnerability in Apple products
A permissions issue was addressed with additional restrictions.
local
low complexity
apple CWE-276
5.5
5.5
2024-03-08 CVE-2024-23253 Incorrect Default Permissions vulnerability in Apple Macos
A permissions issue was addressed with additional restrictions.
local
low complexity
apple CWE-276
3.3
3.3