Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-30 | CVE-2020-5551 | Incorrect Default Permissions vulnerability in Toyota Display Control Unit Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. | 8.8 |
| 2020-03-27 | CVE-2020-10939 | Incorrect Default Permissions vulnerability in Phoenixcontact PC Worx SRT Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation. | 7.8 |
| 2020-03-25 | CVE-2020-3766 | Incorrect Default Permissions vulnerability in Adobe Genuine Integrity Service 6.4 Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file permissions vulnerability. | 7.8 |
| 2020-03-24 | CVE-2019-20536 | Incorrect Default Permissions vulnerability in Google Android An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (released in China) software. | 9.8 |
| 2020-03-23 | CVE-2020-9392 | Incorrect Default Permissions vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1 An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. | 7.3 |
| 2020-03-23 | CVE-2020-10660 | Incorrect Default Permissions vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to. | 5.3 |
| 2020-03-20 | CVE-2020-10792 | Incorrect Default Permissions vulnerability in It-Novum Openitcockpit openITCOCKPIT through 3.7.2 allows remote attackers to configure the self::DEVELOPMENT or self::STAGING option by placing a hostname containing "dev" or "staging" in the HTTP Host header. | 7.5 |
| 2020-03-19 | CVE-2019-16061 | Incorrect Default Permissions vulnerability in Netsas Enigma Network Management Solution A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are granted weak world-readable and world-writable permissions, allowing any low privileged user with access to the system to read sensitive data (e.g., .htpasswd) and create/modify/delete content (e.g., under /var/www/html/docs) within the operating system. | 8.8 |
| 2020-03-19 | CVE-2014-2723 | Incorrect Default Permissions vulnerability in Fortinet products In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. | 8.8 |
| 2020-03-19 | CVE-2014-2722 | Incorrect Default Permissions vulnerability in Fortinet products In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. | 8.8 |