1703 matches found
CVE-2026-21015
Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier...
CVE-2026-21013
Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information...
CVE-2026-8487
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...
BIT-ACTIVEMQ-2026-49157 Apache ActiveMQ: Authenticated low-privilege Web users retain Jolokia broker-management capability by default
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...
USN-8369-1 libapache-mod-jk vulnerability
It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like systems. A local attacker could possibly use this issue to view or modify modjk configuration data in shared memory, resulting in sensitive information exposure or a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2026-49157
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia...
Incorrect Default Permissions
Overview org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Incorrect Default Permissions due to the default authorization settings in Jolokia. An attacker can perform unauthorized broker management...
UBUNTU-CVE-2026-49157
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...
CVE-2026-49157
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...
CVE-2026-49157
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...
CVE-2026-49157 Apache ActiveMQ: Authenticated low-privilege Web users retain Jolokia broker-management capability by default
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...
CVE-2026-49157 Apache ActiveMQ: Authenticated low-privilege Web users retain Jolokia broker-management capability by default
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin low-privilege web-login accounts access to Jolokia operations which allowed executing broker...
CVE-2026-49157
CVE-2026-49157 affects Apache ActiveMQ prior to 5.19.7 and prior to 6.2.6 for 6.x. The vulnerability arises from default Jolokia authorization settings that grant non-admin (low-privilege) web-login accounts access to broker-management operations (e.g., addQueue, removeQueue). This can impact con...
PT-2026-45381
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.7 Apache ActiveMQ versions 6.0.0 through 6.2.5 Description Incorrect default permissions in Jolokia authorization settings allow authenticated low-privilege web-login accounts to access operations intende...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
CVE-2026-33590 Insecure default permissions in Portainer CE
Insecure default settings of Portainer CE grant regular non-admin users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the...
CVE-2026-33590 Insecure default permissions in Portainer CE
Insecure default settings of Portainer CE grant regular non-admin users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the...