Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2023-11-16 CVE-2023-47335 Incorrect Default Permissions vulnerability in Autelrobotics EVO Nano Drone Firmware 1.6.5
Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows attackers to breach the geo-fence and fly into no-fly zones.
low complexity
autelrobotics CWE-276
6.5
6.5
2023-11-14 CVE-2023-27305 Incorrect Default Permissions vulnerability in Intel ARC a Graphics and Iris XE Graphics
Incorrect default permissions in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8
2023-11-14 CVE-2023-32638 Incorrect Default Permissions vulnerability in Intel ARC RGB Controller 1.03
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8
2023-11-09 CVE-2023-46743 Incorrect Default Permissions vulnerability in Xwiki Application-Collabora
application-collabora is an integration of Collabora Online in XWiki.
network
low complexity
xwiki CWE-276
4.3
4.3
2023-11-03 CVE-2023-41726 Incorrect Default Permissions vulnerability in Ivanti Avalanche
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability
local
low complexity
ivanti CWE-276
7.8
7.8
2023-11-03 CVE-2023-4091 Incorrect Default Permissions vulnerability in multiple products
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes".
network
low complexity
samba fedoraproject redhat CWE-276
6.5
6.5
2023-10-30 CVE-2022-4575 Incorrect Default Permissions vulnerability in Lenovo products
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or local access and elevated privileges the ability to bypass Secure Boot.
local
low complexity
lenovo CWE-276
6.7
6.7
2023-10-25 CVE-2023-3112 Incorrect Default Permissions vulnerability in Ellipticlabs AI Virtual Presence Sensor and Virtual Lock Sensor
A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an attacker with local access to execute code with elevated privileges.
local
low complexity
ellipticlabs CWE-276
7.8
7.8
2023-10-25 CVE-2023-45990 Incorrect Default Permissions vulnerability in Wenwen-Ai Wenwenai CMS 1.0
Insecure Permissions vulnerability in WenwenaiCMS v.1.0 allows a remote attacker to escalate privileges.
network
low complexity
wenwen-ai CWE-276
8.0
8.0
2023-10-19 CVE-2022-42150 Incorrect Default Permissions vulnerability in Tinylab Cloud LAB and Linux LAB
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions.
network
low complexity
tinylab CWE-276
critical
 10.0
10