Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2020-0562 | Incorrect Default Permissions vulnerability in Intel Raid web Console 2 Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-02-13 | CVE-2020-0560 | Incorrect Default Permissions vulnerability in Intel Renesas Electronics USB 3.0 Driver Improper permissions in the installer for the Intel(R) Renesas Electronics(R) USB 3.0 Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-02-13 | CVE-2019-2200 | Incorrect Default Permissions vulnerability in Google Android 10.0 In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. | 7.3 |
| 2020-02-12 | CVE-2020-2118 | Incorrect Default Permissions vulnerability in Jenkins Pipeline Github Notify Step A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | 4.3 |
| 2020-02-12 | CVE-2020-2117 | Incorrect Default Permissions vulnerability in Jenkins Pipeline Github Notify Step A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 4.3 |
| 2020-02-07 | CVE-2019-14002 | Incorrect Default Permissions vulnerability in Qualcomm products APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6574AU, QCS605, QM215, SA6155P, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SM6150, SM8150, SM8250, SXR2130 | 7.8 |
| 2020-02-06 | CVE-2019-20106 | Incorrect Default Permissions vulnerability in Atlassian products Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug. | 4.3 |
| 2020-02-05 | CVE-2020-7977 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions. | 5.3 |
| 2020-02-05 | CVE-2020-7972 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). | 7.5 |
| 2020-02-05 | CVE-2020-7967 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2). | 4.3 |