Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-05 | CVE-2020-8114 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | 9.8 |
| 2020-02-05 | CVE-2020-7979 | Incorrect Default Permissions vulnerability in Gitlab GitLab EE 8.9 and later through 12.7.2 has Insecure Permission | 5.3 |
| 2020-01-30 | CVE-2020-5231 | Incorrect Default Permissions vulnerability in Apereo Opencast In Opencast before 7.6 and 8.1, users with the role ROLE_COURSE_ADMIN can use the user-utils endpoint to create new users not including the role ROLE_ADMIN. | 6.5 |
| 2020-01-27 | CVE-2014-7303 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db. | 7.8 |
| 2020-01-27 | CVE-2014-7302 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx. | 7.8 |
| 2020-01-27 | CVE-2014-7301 | Incorrect Default Permissions vulnerability in HP SGI Tempo SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw. | 6.6 |
| 2020-01-27 | CVE-2019-17103 | Incorrect Default Permissions vulnerability in Bitdefender Antivirus An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories. | 5.5 |
| 2020-01-24 | CVE-2019-18900 | Incorrect Default Permissions vulnerability in Opensuse Libzypp : Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. | 3.3 |
| 2020-01-24 | CVE-2019-3687 | Incorrect Default Permissions vulnerability in Suse Linux Enterprise Server The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. | 3.3 |
| 2020-01-23 | CVE-2019-19896 | Incorrect Default Permissions vulnerability in Ixpdata Easyinstall 6.2.13723 In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share. | 9.9 |