Vulnerabilities > Incorrect Default Permissions

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-27	CVE-2018-11906	Incorrect Default Permissions vulnerability in Google Android In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a security concern with default privileged access to ADB and debug-fs. local low complexity google CWE-276	7.2
2018-11-16	CVE-2018-9085	Incorrect Default Permissions vulnerability in multiple products A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors. network low complexity lenovo ibm CWE-276	4.0
2018-10-11	CVE-2018-12441	Incorrect Default Permissions vulnerability in Corsair Utility Engine The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARY_PATH_NAME, leading to complete control of the affected system. local low complexity corsair CWE-276	7.2
2018-09-26	CVE-2018-8848	Incorrect Default Permissions vulnerability in Philips E-Alert Firmware Philips e-Alert Unit (non-medical device), Version R2.1 and prior. network low complexity philips CWE-276	5.0
2018-09-12	CVE-2018-12175	Incorrect Default Permissions vulnerability in Intel Distribution for Python 2018 Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access. local low complexity intel CWE-276	4.6
2018-07-24	CVE-2018-10604	Incorrect Default Permissions vulnerability in Selinc SEL Compass 3.0.5.1 SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution. network low complexity selinc CWE-276	6.5
2018-07-23	CVE-2018-6683	Incorrect Default Permissions vulnerability in Mcafee Data Loss Prevention Endpoint Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline. low complexity mcafee CWE-276	7.4
2018-07-13	CVE-2018-7535	Incorrect Default Permissions vulnerability in Totalav 4.1.7/4.6.19 An issue was discovered in TotalAV v4.1.7. local low complexity totalav CWE-276	7.2
2018-06-11	CVE-2017-7794	Incorrect Default Permissions vulnerability in Mozilla Firefox On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. local low complexity mozilla linux CWE-276	4.6
2018-06-11	CVE-2017-7761	Incorrect Default Permissions vulnerability in Mozilla Firefox and Firefox ESR The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. local low complexity mozilla microsoft CWE-276	3.6