Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-12 | CVE-2018-12175 | Incorrect Default Permissions vulnerability in Intel Distribution for Python 2018 Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access. | 4.6 |
| 2018-07-24 | CVE-2018-10604 | Incorrect Default Permissions vulnerability in Selinc SEL Compass 3.0.5.1 SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution. | 6.5 |
| 2018-07-23 | CVE-2018-6683 | Incorrect Default Permissions vulnerability in Mcafee Data Loss Prevention Endpoint Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline. | 7.4 |
| 2018-07-13 | CVE-2018-7535 | Incorrect Default Permissions vulnerability in Totalav 4.1.7/4.6.19 An issue was discovered in TotalAV v4.1.7. | 7.2 |
| 2018-06-11 | CVE-2017-7794 | Incorrect Default Permissions vulnerability in Mozilla Firefox On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. | 4.6 |
| 2018-06-11 | CVE-2017-7761 | Incorrect Default Permissions vulnerability in Mozilla Firefox and Firefox ESR The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. | 3.6 |
| 2018-06-07 | CVE-2017-16128 | Incorrect Default Permissions vulnerability in Npm-Script-Demo Project Npm-Script-Demo 0.0.1 The module npm-script-demo opened a connection to a command and control server. | 10.0 |
| 2018-06-07 | CVE-2017-16127 | Incorrect Default Permissions vulnerability in Pandora-Doomsday Project Pandora-Doomsday 0.0.1 The module pandora-doomsday infects other modules. | 10.0 |
| 2018-04-13 | CVE-2017-0369 | Incorrect Default Permissions vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it. | 4.0 |
| 2018-04-11 | CVE-2018-0023 | Incorrect Default Permissions vulnerability in Juniper Jsnapy JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. | 2.1 |