Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-06 | CVE-2019-20106 | Incorrect Default Permissions vulnerability in Atlassian products Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote attackers to make comments on a ticket to which they do not have commenting permissions via a broken access control bug. | 4.3 |
| 2020-02-05 | CVE-2020-7977 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions. | 5.3 |
| 2020-02-05 | CVE-2020-7972 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). | 7.5 |
| 2020-02-05 | CVE-2020-7967 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2). | 4.3 |
| 2020-02-05 | CVE-2020-8114 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | 9.8 |
| 2020-02-05 | CVE-2020-7979 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | 5.3 |
| 2020-01-30 | CVE-2020-5231 | Incorrect Default Permissions vulnerability in Apereo Opencast In Opencast before 7.6 and 8.1, users with the role ROLE_COURSE_ADMIN can use the user-utils endpoint to create new users not including the role ROLE_ADMIN. | 6.5 |
| 2020-01-27 | CVE-2014-7303 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db. | 7.8 |
| 2020-01-27 | CVE-2014-7302 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx. | 7.8 |
| 2020-01-27 | CVE-2014-7301 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw. | 6.6 |