Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-09 | CVE-2019-16183 | Incorrect Default Permissions vulnerability in Limesurvey In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions. | 2.7 |
| 2019-08-28 | CVE-2019-15716 | Incorrect Default Permissions vulnerability in Wtfutil WTF WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults. | 5.5 |
| 2019-08-06 | CVE-2019-5687 | Incorrect Default Permissions vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor | 7.1 |
| 2019-07-08 | CVE-2019-9630 | Incorrect Default Permissions vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images. | 7.5 |
| 2019-06-18 | CVE-2019-7588 | Incorrect Default Permissions vulnerability in Exacq Enterprise System Manager 5.12.2 A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. | 7.0 |
| 2019-06-11 | CVE-2019-12795 | Incorrect Default Permissions vulnerability in Gnome Gvfs daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. | 7.8 |
| 2019-05-29 | CVE-2019-12450 | Incorrect Default Permissions vulnerability in multiple products file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. | 9.8 |
| 2019-05-22 | CVE-2018-7822 | Incorrect Default Permissions vulnerability in Schneider-Electric Modicon M221 Firmware and Somachine Basic An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic. | 5.5 |
| 2019-04-09 | CVE-2019-3870 | Incorrect Default Permissions vulnerability in multiple products A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. | 6.1 |
| 2019-04-09 | CVE-2019-0683 | Incorrect Default Permissions vulnerability in Microsoft Windows 7 and Windows Server 2008 An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'. | 5.9 |