Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2020-11692 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators. | 2.7 |
| 2020-04-22 | CVE-2020-11689 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file. | 6.5 |
| 2020-04-15 | CVE-2020-0547 | Incorrect Default Permissions vulnerability in Intel Data Migration 3.3 Incorrect default permissions in the installer for Intel(R) Data Migration Software versions 3.3 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-04-15 | CVE-2020-4274 | Incorrect Default Permissions vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform unauthorized actions due to inadequate permission checks. | 5.4 |
| 2020-04-15 | CVE-2020-4270 | Incorrect Default Permissions vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to weak file permissions. | 7.8 |
| 2020-04-14 | CVE-2019-14326 | Incorrect Default Permissions vulnerability in Andyroid Andy OS 46.11.113 An issue was discovered in AndyOS Andy versions up to 46.11.113. | 7.8 |
| 2020-04-14 | CVE-2020-7802 | Incorrect Default Permissions vulnerability in S3India Husky RTU 6049-E70 Firmware 5.0 The Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has an Incorrect Default Permissions (CWE-276) vulnerability. | 5.3 |
| 2020-04-13 | CVE-2020-6456 | Incorrect Default Permissions vulnerability in multiple products Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. | 6.5 |
| 2020-04-13 | CVE-2020-6446 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.5 |
| 2020-04-13 | CVE-2020-6445 | Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.5 |