Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2017-16128 | Incorrect Default Permissions vulnerability in Npm-Script-Demo Project Npm-Script-Demo 0.0.1 The module npm-script-demo opened a connection to a command and control server. | 10.0 |
| 2018-06-07 | CVE-2017-16127 | Incorrect Default Permissions vulnerability in Pandora-Doomsday Project Pandora-Doomsday 0.0.1 The module pandora-doomsday infects other modules. | 10.0 |
| 2018-04-13 | CVE-2017-0369 | Incorrect Default Permissions vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it. | 4.0 |
| 2018-04-11 | CVE-2018-0023 | Incorrect Default Permissions vulnerability in Juniper Jsnapy JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. | 2.1 |
| 2018-03-14 | CVE-2018-7533 | Incorrect Default Permissions vulnerability in Osisoft PI Data Archive 2017 An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. | 7.2 |
| 2017-12-27 | CVE-2016-6914 | Incorrect Default Permissions vulnerability in UI Unifi Video Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file. | 7.2 |
| 2017-11-16 | CVE-2017-0847 | Incorrect Default Permissions vulnerability in Google Android 8.0 An elevation of privilege vulnerability in the Android media framework (mediaanalytics). | 7.5 |
| 2017-11-03 | CVE-2017-16522 | Incorrect Default Permissions vulnerability in Mitrastar Dsl-100Hn-T1 Firmware and Gpt-2541Gnac Firmware MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute. | 9.0 |
| 2017-10-05 | CVE-2017-1000089 | Incorrect Default Permissions vulnerability in Jenkins Pipeline: Build Step Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins. | 5.0 |
| 2017-10-05 | CVE-2017-1000084 | Incorrect Default Permissions vulnerability in Jenkins Parameterized Trigger Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins. | 4.0 |