Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-4274 Incorrect Default Permissions vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform unauthorized actions due to inadequate permission checks.
network
low complexity
ibm CWE-276
5.5
5.5
2020-04-15 CVE-2020-4270 Incorrect Default Permissions vulnerability in IBM Qradar Security Information and Event Manager
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions.
local
low complexity
ibm CWE-276
4.6
4.6
2020-04-14 CVE-2019-14326 Incorrect Default Permissions vulnerability in Andyroid Andy OS 46.11.113
An issue was discovered in AndyOS Andy versions up to 46.11.113.
local
low complexity
andyroid CWE-276
7.2
7.2
2020-04-14 CVE-2020-7802 Incorrect Default Permissions vulnerability in S3India Husky RTU 6049-E70 Firmware 5.0
The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Incorrect Default Permissions (CWE-276) vulnerability.
network
low complexity
s3india CWE-276
5.0
5.0
2020-04-13 CVE-2020-6456 Incorrect Default Permissions vulnerability in multiple products
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.
network
low complexity
google debian fedoraproject opensuse CWE-276
6.5
6.5
2020-04-13 CVE-2020-6446 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
6.5
6.5
2020-04-13 CVE-2020-6445 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
6.5
6.5
2020-04-13 CVE-2020-6441 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
4.3
4.3
2020-04-13 CVE-2020-6439 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
8.8
8.8
2020-04-13 CVE-2020-6431 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
4.3
4.3