Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-17124 | Incorrect Default Permissions vulnerability in Kramerav Viaware 2.5.0719.1034 Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. | 9.8 |
| 2019-10-07 | CVE-2019-16913 | Incorrect Default Permissions vulnerability in Pcprotect Antivirus 4.14.31 PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86)%\PCProtect with very weak folder permissions, granting any user full permission "Everyone: (F)" to the contents of the directory and its subfolders. | 7.8 |
| 2019-10-07 | CVE-2019-3688 | Incorrect Default Permissions vulnerability in Suse Linux Enterprise Server 12/15 The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. | 7.1 |
| 2019-10-01 | CVE-2019-17056 | Incorrect Default Permissions vulnerability in Linux Kernel llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176. | 3.3 |
| 2019-10-01 | CVE-2019-17054 | Incorrect Default Permissions vulnerability in Linux Kernel atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c. | 3.3 |
| 2019-10-01 | CVE-2019-17053 | Incorrect Default Permissions vulnerability in Linux Kernel ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. | 3.3 |
| 2019-10-01 | CVE-2019-17052 | Incorrect Default Permissions vulnerability in multiple products ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. | 3.3 |
| 2019-09-27 | CVE-2018-19592 | Incorrect Default Permissions vulnerability in Corsair Link 4.9.7.35 The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. | 7.8 |
| 2019-09-25 | CVE-2019-12670 | Incorrect Default Permissions vulnerability in Cisco IOS 16.10.1 A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. | 6.7 |
| 2019-09-19 | CVE-2019-3689 | Incorrect Default Permissions vulnerability in Linux-Nfs Nfs-Utils The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. | 9.8 |