Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-08 | CVE-2017-11741 | Incorrect Default Permissions vulnerability in Hashicorp Vagrant VMWare Fusion HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts. | 8.8 |
| 2017-07-24 | CVE-2017-1382 | Incorrect Default Permissions vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. | 7.1 |
| 2017-06-15 | CVE-2017-9505 | Incorrect Default Permissions vulnerability in Atlassian Confluence Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. | 4.3 |
| 2017-06-13 | CVE-2017-4975 | Incorrect Default Permissions vulnerability in Pivotal PCF Tile Generator 5.0.7 An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. | 7.5 |
| 2017-05-19 | CVE-2017-7968 | Incorrect Default Permissions vulnerability in Schneider-Electric Wonderware Indusoft web Studio 6.1/7.1/8.0 An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. | 7.8 |
| 2017-04-03 | CVE-2017-5686 | Incorrect Default Permissions vulnerability in Intel Nuc6I3Syh Bios and Nuc6I3Syk Bios The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5685 | Incorrect Default Permissions vulnerability in Intel Nuc6I7Kyk Bios Kyskli70.86A.0042.2016.0929.1933 The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5684 | Incorrect Default Permissions vulnerability in Intel Stk2Mv64Cc Bios Ccsklm5V.86A.0046.2017.0105.1608 The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5642 | Incorrect Default Permissions vulnerability in Apache Ambari 2.4.0/2.4.1/2.4.2 During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs. | 9.8 |
| 2017-03-26 | CVE-2017-5622 | Incorrect Default Permissions vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2 With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. | 5.9 |