Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2020-04-07 CVE-2017-18668 Incorrect Default Permissions vulnerability in Google Android 6.0
An issue was discovered on Samsung mobile devices with M(6.0) software.
network
low complexity
google CWE-276
7.5
7.5
2020-04-03 CVE-2020-7004 Incorrect Default Permissions vulnerability in Visam Vbase Editor and Vbase Web-Remote
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system the next time a privileged user runs the application.
local
low complexity
visam CWE-276
8.8
8.8
2020-04-02 CVE-2020-11444 Incorrect Default Permissions vulnerability in Sonatype Nexus
Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control.
network
low complexity
sonatype CWE-276
8.8
8.8
2020-04-01 CVE-2019-3944 Incorrect Default Permissions vulnerability in Parrot Anafi Firmware
Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing remote and unauthenticated attackers to disconnect drone from controller during mid-flight.
network
low complexity
parrot CWE-276
7.5
7.5
2020-03-30 CVE-2020-5551 Incorrect Default Permissions vulnerability in Toyota Display Control Unit
Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command.
low complexity
toyota CWE-276
8.8
8.8
2020-03-27 CVE-2020-10939 Incorrect Default Permissions vulnerability in Phoenixcontact PC Worx SRT
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
local
low complexity
phoenixcontact CWE-276
7.8
7.8
2020-03-25 CVE-2020-3766 Incorrect Default Permissions vulnerability in Adobe Genuine Integrity Service 6.4
Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file permissions vulnerability.
local
low complexity
adobe CWE-276
7.8
7.8
2020-03-24 CVE-2019-20536 Incorrect Default Permissions vulnerability in Google Android
An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (released in China) software.
network
low complexity
google CWE-276
critical
 9.8
9.8
2020-03-23 CVE-2020-9392 Incorrect Default Permissions vulnerability in Supsystic Pricing Table BY Supsystic 1.8.0/1.8.1
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress.
network
low complexity
supsystic CWE-276
7.3
7.3
2020-03-23 CVE-2020-10660 Incorrect Default Permissions vulnerability in Hashicorp Vault
HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions to.
network
low complexity
hashicorp CWE-276
5.3
5.3