Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-03 | CVE-2017-5686 | Incorrect Default Permissions vulnerability in Intel Nuc6I3Syh Bios and Nuc6I3Syk Bios The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5685 | Incorrect Default Permissions vulnerability in Intel Nuc6I7Kyk Bios Kyskli70.86A.0042.2016.0929.1933 The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5684 | Incorrect Default Permissions vulnerability in Intel Stk2Mv64Cc Bios Ccsklm5V.86A.0046.2017.0105.1608 The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5642 | Incorrect Default Permissions vulnerability in Apache Ambari 2.4.0/2.4.1/2.4.2 During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs. | 9.8 |
| 2017-03-26 | CVE-2017-5622 | Incorrect Default Permissions vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2 With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. | 5.9 |
| 2017-03-02 | CVE-2017-6404 | Incorrect Default Permissions vulnerability in Veritas Netbackup and Netbackup Appliance An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. | 5.5 |
| 2016-10-13 | CVE-2016-5425 | Incorrect Default Permissions vulnerability in Apache Tomcat The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group. | 7.8 |
| 2016-04-18 | CVE-2016-3943 | Incorrect Default Permissions vulnerability in Watchguard Panda Endpoint Administration Agent 7.49 Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modifying an executable module. | 7.8 |
| 2016-04-18 | CVE-2015-7378 | Incorrect Default Permissions vulnerability in Watchguard Panda URL Filtering 4.3.1.8 Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe. | 7.8 |
| 2013-01-17 | CVE-2013-0632 | Incorrect Default Permissions vulnerability in Adobe Coldfusion administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploited in the wild in January 2013. | 9.8 |