Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-9817 | Incorrect Default Permissions vulnerability in Apple mac OS X A permissions issue existed. | 7.8 |
| 2020-06-08 | CVE-2020-13885 | Incorrect Default Permissions vulnerability in Citrix Workspace APP 1909/1911/2002 Citrix Workspace App before 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application. | 7.8 |
| 2020-06-08 | CVE-2020-13884 | Incorrect Default Permissions vulnerability in Citrix Workspace APP 1909/1911/2002 Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application. | 7.8 |
| 2020-06-08 | CVE-2020-8954 | Incorrect Default Permissions vulnerability in Openbrowser Project Openbrowser 1.0.4.9 OpenSearch Web browser 1.0.4.9 allows Intent Scheme Hijacking.[a link that opens another app in the browser can be manipulated] | 5.4 |
| 2020-06-08 | CVE-2020-12695 | Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | 7.5 |
| 2020-06-07 | CVE-2020-13894 | Incorrect Default Permissions vulnerability in Dext5 2.7.1402870/3.5.1402961 handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field. | 7.5 |
| 2020-06-05 | CVE-2020-13867 | Incorrect Default Permissions vulnerability in multiple products Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files). | 5.5 |
| 2020-06-03 | CVE-2020-6504 | Incorrect Default Permissions vulnerability in Google Chrome Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page. | 4.3 |
| 2020-06-03 | CVE-2020-6502 | Incorrect Default Permissions vulnerability in Google Chrome Incorrect implementation in permissions in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page. | 6.5 |
| 2020-06-03 | CVE-2020-6501 | Incorrect Default Permissions vulnerability in Google Chrome Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.5 |