Vulnerabilities > Incorrect Default Permissions

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-11	CVE-2017-7794	Incorrect Default Permissions vulnerability in Mozilla Firefox On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. local low complexity mozilla CWE-276	7.8
2018-06-11	CVE-2017-7761	Incorrect Default Permissions vulnerability in Mozilla Firefox The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. local low complexity mozilla CWE-276	5.5
2018-06-07	CVE-2017-16128	Incorrect Default Permissions vulnerability in Npm-Script-Demo Project Npm-Script-Demo 0.0.1 The module npm-script-demo opened a connection to a command and control server. network low complexity npm-script-demo-project CWE-276 critical	9.8
2018-06-07	CVE-2017-16127	Incorrect Default Permissions vulnerability in Pandora-Doomsday Project Pandora-Doomsday 0.0.1 The module pandora-doomsday infects other modules. network low complexity pandora-doomsday-project CWE-276 critical	9.8
2018-04-13	CVE-2017-0369	Incorrect Default Permissions vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it. network low complexity mediawiki debian CWE-276	6.5
2018-04-11	CVE-2018-0023	Incorrect Default Permissions vulnerability in Juniper Jsnapy JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. local low complexity juniper CWE-276	5.5
2018-03-14	CVE-2018-7533	Incorrect Default Permissions vulnerability in Osisoft PI Data Archive 2017/3.4.430.460 An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. local low complexity osisoft CWE-276	7.8
2017-12-27	CVE-2016-6914	Incorrect Default Permissions vulnerability in UI Unifi Video Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file. local low complexity ui CWE-276	7.8
2017-11-16	CVE-2017-0847	Incorrect Default Permissions vulnerability in Google Android 8.0 An elevation of privilege vulnerability in the Android media framework (mediaanalytics). network low complexity google CWE-276 critical	9.8
2017-11-03	CVE-2017-16522	Incorrect Default Permissions vulnerability in Mitrastar Dsl-100Hn-T1 Firmware and Gpt-2541Gnac Firmware MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute. network low complexity mitrastar CWE-276	8.8