Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2018-17860 | Incorrect Default Permissions vulnerability in Cloudera CDH Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1. | 7.2 |
| 2019-11-25 | CVE-2018-2025 | Incorrect Default Permissions vulnerability in IBM products IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. | 4.4 |
| 2019-11-25 | CVE-2019-13662 | Incorrect Default Permissions vulnerability in Google Chrome Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.5 |
| 2019-11-25 | CVE-2012-5578 | Incorrect Default Permissions vulnerability in Python Keyring Python keyring has insecure permissions on new databases allowing world-readable files to be created | 6.2 |
| 2019-11-21 | CVE-2019-19202 | Incorrect Default Permissions vulnerability in Vtiger CRM 7.0/7.0.1/7.1.0 In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request. | 8.8 |
| 2019-11-21 | CVE-2019-17421 | Incorrect Default Permissions vulnerability in Zohocorp products Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. | 7.8 |
| 2019-11-20 | CVE-2012-6136 | Incorrect Default Permissions vulnerability in multiple products tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. | 5.5 |
| 2019-11-14 | CVE-2019-14602 | Incorrect Default Permissions vulnerability in Intel Nuvoton Consumer Infrared 1.02.1002 Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-11-14 | CVE-2012-1157 | Incorrect Default Permissions vulnerability in multiple products Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default | 4.3 |
| 2019-11-13 | CVE-2010-5108 | Incorrect Default Permissions vulnerability in multiple products Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. | 7.5 |