Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-29 | CVE-2017-12230 | Incorrect Default Permissions vulnerability in Cisco IOS XE 16.2.1 A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate their privileges on an affected device. | 9.0 |
| 2017-09-13 | CVE-2017-14427 | Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.8 |
| 2017-09-13 | CVE-2017-14425 | Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.8 |
| 2017-09-13 | CVE-2017-14424 | Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.8 |
| 2017-09-09 | CVE-2017-12699 | Incorrect Default Permissions vulnerability in Azeotech Daqfactory An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. | 3.6 |
| 2017-08-29 | CVE-2017-12763 | Incorrect Default Permissions vulnerability in Nomachine An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files. | 9.0 |
| 2017-08-23 | CVE-2017-11610 | Incorrect Default Permissions vulnerability in multiple products The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. | 8.8 |
| 2017-08-08 | CVE-2017-8625 | Incorrect Default Permissions vulnerability in Microsoft Internet Explorer 11 Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability". | 8.8 |
| 2017-08-08 | CVE-2017-11741 | Incorrect Default Permissions vulnerability in Hashicorp Vagrant VMWare Fusion HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts. | 7.2 |
| 2017-07-24 | CVE-2017-1382 | Incorrect Default Permissions vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. | 3.6 |