Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-21 | CVE-2023-42261 | Incorrect Default Permissions vulnerability in Opensecurity Mobile Security Framework Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. | 7.5 |
| 2023-09-20 | CVE-2023-43496 | Incorrect Default Permissions vulnerability in Jenkins Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution. | 8.8 |
| 2023-09-20 | CVE-2023-5042 | Incorrect Default Permissions vulnerability in Acronis Cyber Protect Home Office Sensitive information disclosure due to insecure folder permissions. | 7.5 |
| 2023-09-20 | CVE-2023-4088 | Incorrect Default Permissions vulnerability in Mitsubishielectric GX Works3 Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder. | 7.8 |
| 2023-09-15 | CVE-2022-3466 | Incorrect Default Permissions vulnerability in multiple products The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. | 5.3 |
| 2023-09-15 | CVE-2023-4664 | Incorrect Default Permissions vulnerability in Saphira Connect Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9. | 8.8 |
| 2023-09-12 | CVE-2023-37878 | Incorrect Default Permissions vulnerability in Wftpserver Wing FTP Server Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0. | 8.8 |
| 2023-09-11 | CVE-2023-31067 | Incorrect Default Permissions vulnerability in Tsplus Remote Access An issue was discovered in TSplus Remote Access through 16.0.2.14. | 9.8 |
| 2023-09-11 | CVE-2023-31068 | Incorrect Default Permissions vulnerability in Tsplus Remote Access An issue was discovered in TSplus Remote Access through 16.0.2.14. | 9.8 |
| 2023-09-11 | CVE-2023-31468 | Incorrect Default Permissions vulnerability in Inosoft Visiwin 7 20222.1 An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). | 7.8 |