Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-16 | CVE-2019-16355 | Incorrect Default Permissions vulnerability in Beego 1.10.0 The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files. | 2.1 |
| 2019-09-10 | CVE-2019-16106 | Incorrect Default Permissions vulnerability in Humanica Humatrix 1.0.0.681/7.1.0.0.203 The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to change the password of any user via the recruitment_online/personalData/act_acounttab.cfm txtNewUserName and hdNP fields. | 5.0 |
| 2019-09-09 | CVE-2019-16186 | Incorrect Default Permissions vulnerability in Limesurvey In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions. | 6.5 |
| 2019-09-09 | CVE-2019-16185 | Incorrect Default Permissions vulnerability in Limesurvey In Limesurvey before 3.17.14, admin users can view, update, or delete reserved menu entries without proper permissions. | 6.5 |
| 2019-09-09 | CVE-2019-16183 | Incorrect Default Permissions vulnerability in Limesurvey In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions. | 4.0 |
| 2019-08-28 | CVE-2019-15716 | Incorrect Default Permissions vulnerability in Wtfutil WTF WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for local attackers to read passwords or API keys if the permissions were misconfigured or were based on unsafe OS defaults. | 2.1 |
| 2019-08-06 | CVE-2019-5687 | Incorrect Default Permissions vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor | 3.6 |
| 2019-07-08 | CVE-2019-9630 | Incorrect Default Permissions vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images. | 5.0 |
| 2019-06-18 | CVE-2019-7588 | Incorrect Default Permissions vulnerability in Exacq Enterprise System Manager 5.12.2 A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. | 6.9 |
| 2019-06-11 | CVE-2019-12795 | Incorrect Default Permissions vulnerability in Gnome Gvfs daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. | 7.8 |