Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-02 | CVE-2019-19118 | Incorrect Default Permissions vulnerability in multiple products Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. | 6.5 |
| 2019-12-02 | CVE-2019-19490 | Incorrect Default Permissions vulnerability in Litemanager 4.5.0 LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe. | 7.3 |
| 2019-11-26 | CVE-2018-20090 | Incorrect Default Permissions vulnerability in Cloudera Data Science Workbench 1.4.0/1.4.1/1.4.2 An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.4.0 through 1.4.2. | 8.3 |
| 2019-11-26 | CVE-2018-17860 | Incorrect Default Permissions vulnerability in Cloudera CDH Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15.1 and 6.x through 6.0.1. | 7.2 |
| 2019-11-25 | CVE-2018-2025 | Incorrect Default Permissions vulnerability in IBM products IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments 7.1 and 8.1 creates directories/files in the CIT sub directory that are read/writable by everyone. | 4.4 |
| 2019-11-25 | CVE-2019-13662 | Incorrect Default Permissions vulnerability in Google Chrome Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.5 |
| 2019-11-25 | CVE-2012-5578 | Incorrect Default Permissions vulnerability in Python Keyring Python keyring has insecure permissions on new databases allowing world-readable files to be created | 6.2 |
| 2019-11-21 | CVE-2019-19202 | Incorrect Default Permissions vulnerability in Vtiger CRM 7.0/7.0.1/7.1.0 In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without administrative privileges to change his own role by adding roleid=H2 to a POST request. | 8.8 |
| 2019-11-21 | CVE-2019-17421 | Incorrect Default Permissions vulnerability in Zohocorp products Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. | 7.8 |
| 2019-11-20 | CVE-2012-6136 | Incorrect Default Permissions vulnerability in multiple products tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. | 5.5 |