Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-21 | CVE-2019-17421 | Incorrect Default Permissions vulnerability in Zohocorp products Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. | 7.8 |
| 2019-11-20 | CVE-2012-6136 | Incorrect Default Permissions vulnerability in multiple products tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. | 5.5 |
| 2019-11-14 | CVE-2019-14602 | Incorrect Default Permissions vulnerability in Intel Nuvoton Consumer Infrared 1.02.1002 Improper permissions in the installer for the Nuvoton* CIR Driver versions 1.02.1002 and before may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2019-11-14 | CVE-2012-1157 | Incorrect Default Permissions vulnerability in multiple products Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default | 4.3 |
| 2019-11-13 | CVE-2010-5108 | Incorrect Default Permissions vulnerability in multiple products Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. | 7.5 |
| 2019-11-12 | CVE-2019-4652 | Incorrect Default Permissions vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. | 7.1 |
| 2019-11-07 | CVE-2013-1425 | Incorrect Default Permissions vulnerability in multiple products ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions. | 5.5 |
| 2019-11-05 | CVE-2019-1982 | Incorrect Default Permissions vulnerability in Cisco products A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. | 5.3 |
| 2019-11-01 | CVE-2019-12752 | Incorrect Default Permissions vulnerability in Symantec Sonar The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system. | 6.1 |
| 2019-10-31 | CVE-2019-18369 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible. | 5.3 |