Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2020-9408 | Incorrect Default Permissions vulnerability in Tibco products The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not "Script Author" group permission, to modify attributes of files and objects saved to the library such that the system treats them as trusted. | 8.8 |
| 2020-03-09 | CVE-2020-5342 | Incorrect Default Permissions vulnerability in Dell Digital Delivery Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. | 7.8 |
| 2020-03-03 | CVE-2019-19792 | Incorrect Default Permissions vulnerability in Eset Cyber Security A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files. | 6.7 |
| 2020-02-27 | CVE-2020-3838 | Incorrect Default Permissions vulnerability in Apple products The issue was addressed with improved permissions logic. | 7.8 |
| 2020-02-22 | CVE-2020-9039 | Incorrect Default Permissions vulnerability in Couchbase Server Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles. | 9.8 |
| 2020-02-13 | CVE-2020-0564 | Incorrect Default Permissions vulnerability in Intel Raid web Console 3 4.186/7.009.011.000 Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-02-13 | CVE-2020-0562 | Incorrect Default Permissions vulnerability in Intel Raid web Console 2 Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-02-13 | CVE-2020-0560 | Incorrect Default Permissions vulnerability in Intel Renesas Electronics USB 3.0 Driver Improper permissions in the installer for the Intel(R) Renesas Electronics(R) USB 3.0 Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-02-13 | CVE-2019-2200 | Incorrect Default Permissions vulnerability in Google Android 10.0 In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. | 7.3 |
| 2020-02-12 | CVE-2020-2118 | Incorrect Default Permissions vulnerability in Jenkins Pipeline Github Notify Step A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | 4.3 |