Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-2191 | Incorrect Default Permissions vulnerability in Jenkins Self-Organizing Swarm Modules Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels. | 4.3 |
| 2020-05-21 | CVE-2017-18868 | Incorrect Default Permissions vulnerability in Digi Xbee 2 Firmware Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built. | 7.7 |
| 2020-05-21 | CVE-2020-6488 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 4.3 |
| 2020-05-21 | CVE-2020-6487 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
| 2020-05-21 | CVE-2020-6484 | Incorrect Default Permissions vulnerability in multiple products Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request. | 6.5 |
| 2020-05-21 | CVE-2020-6483 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
| 2020-05-21 | CVE-2020-6482 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | 6.5 |
| 2020-05-21 | CVE-2020-6480 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions. | 6.5 |
| 2020-05-21 | CVE-2020-6476 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | 6.5 |
| 2020-05-21 | CVE-2020-6471 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |