Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2017-11-16 CVE-2017-0847 Incorrect Default Permissions vulnerability in Google Android 8.0
An elevation of privilege vulnerability in the Android media framework (mediaanalytics).
network
low complexity
google CWE-276
critical
 9.8
9.8
2017-11-03 CVE-2017-16522 Incorrect Default Permissions vulnerability in Mitrastar Dsl-100Hn-T1 Firmware and Gpt-2541Gnac Firmware
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying /bin/sh as the command to execute.
network
low complexity
mitrastar CWE-276
8.8
8.8
2017-10-05 CVE-2017-1000089 Incorrect Default Permissions vulnerability in Jenkins Pipeline: Build Step
Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins.
network
low complexity
jenkins CWE-276
5.3
5.3
2017-10-05 CVE-2017-1000084 Incorrect Default Permissions vulnerability in Jenkins Parameterized Trigger
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins.
network
low complexity
jenkins CWE-276
6.5
6.5
2017-09-29 CVE-2017-12230 Incorrect Default Permissions vulnerability in Cisco IOS XE 16.2.1
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device.
network
low complexity
cisco CWE-276
8.8
8.8
2017-09-13 CVE-2017-14427 Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware
D-Link DIR-850L REV.
local
low complexity
dlink CWE-276
7.8
7.8
2017-09-13 CVE-2017-14425 Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware
D-Link DIR-850L REV.
local
low complexity
dlink CWE-276
7.8
7.8
2017-09-13 CVE-2017-14424 Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware
D-Link DIR-850L REV.
local
low complexity
dlink CWE-276
7.8
7.8
2017-09-09 CVE-2017-12699 Incorrect Default Permissions vulnerability in Azeotech Daqfactory
An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1.
local
low complexity
azeotech CWE-276
7.1
7.1
2017-08-29 CVE-2017-12763 Incorrect Default Permissions vulnerability in Nomachine
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.
network
low complexity
nomachine CWE-276
8.8
8.8