Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-23 | CVE-2017-11610 | Incorrect Default Permissions vulnerability in multiple products The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. | 8.8 |
| 2017-08-08 | CVE-2017-8625 | Incorrect Default Permissions vulnerability in Microsoft Internet Explorer 11 Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability". | 8.8 |
| 2017-08-08 | CVE-2017-11741 | Incorrect Default Permissions vulnerability in Hashicorp Vagrant VMWare Fusion HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts. | 8.8 |
| 2017-07-24 | CVE-2017-1382 | Incorrect Default Permissions vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. | 7.1 |
| 2017-06-15 | CVE-2017-9505 | Incorrect Default Permissions vulnerability in Atlassian Confluence Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to view a page when creating a workbox notification about new comments. | 4.3 |
| 2017-06-13 | CVE-2017-4975 | Incorrect Default Permissions vulnerability in Pivotal PCF Tile Generator 5.0.7 An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. | 7.5 |
| 2017-05-19 | CVE-2017-7968 | Incorrect Default Permissions vulnerability in Schneider-Electric Wonderware Indusoft web Studio 6.1/7.1/8.0 An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. | 7.8 |
| 2017-04-03 | CVE-2017-5686 | Incorrect Default Permissions vulnerability in Intel Nuc6I3Syh Bios and Nuc6I3Syk Bios The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5685 | Incorrect Default Permissions vulnerability in Intel Nuc6I7Kyk Bios Kyskli70.86A.0042.2016.0929.1933 The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |
| 2017-04-03 | CVE-2017-5684 | Incorrect Default Permissions vulnerability in Intel Stk2Mv64Cc Bios Ccsklm5V.86A.0046.2017.0105.1608 The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information. | 3.9 |