Weaknesses of type CWE-276
905 resultsCVE-2023-29057HIGHA valid XCC user's local account permissions overrides their active directory permissions under specific configurations. This could lead to EPSS 0.5%CVE-2025-15615MEDIUMWazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of ServiceEPSS 0.5%CVE-2024-27171HIGHInsecure permissionsEPSS 0.5%CVE-2024-43166CRITICALIncorrect Default Permissions vulnerability in Apache DolphinScheduler.
This issue affects Apache DolphinScheduler: before 3.2.2.
Users arEPSS 0.5%CVE-2020-8024MEDIUMProblematic permissions in hylafax+ packaging allow escalation from uucp to other usersEPSS 0.5%CVE-2020-13551HIGHAn exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installationEPSS 0.5%CVE-2025-60262CRITICALAn issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, there is a misconfiguration vulneEPSS 0.5%CVE-2024-44151MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13EPSS 0.5%CVE-2025-59030HIGHInsufficient validation of incoming notifies over TCP can lead to a denial of service in RecursorEPSS 0.5%CVE-2024-25605MEDIUMThe Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack EPSS 0.5%CVE-2025-43444MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.EPSS 0.5%CVE-2024-34223MEDIUMInsecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approveEPSS 0.5%CVE-2024-30204LOWIn Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.EPSS 0.5%CVE-2023-30281HIGHInsecure permissions vulnerability was discovered, due to a lack of permissions’s control in scquickaccounting before v3.7.3 from Store CommEPSS 0.5%CVE-2024-52946HIGHAn issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise theirEPSS 0.5%CVE-2020-13549HIGHAn exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directoryEPSS 0.5%CVE-2024-45494CRITICALAn issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (Fixed in 7.0.0). The FieldServer Gateway has an internally used sharEPSS 0.5%CVE-2024-6640MEDIUMpf incorrectly matches different ICMPv6 states in the state tableEPSS 0.5%CVE-2022-43574HIGH"IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to incorrect permission assignment which could alloEPSS 0.5%CVE-2022-30355CRITICALOvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId anEPSS 0.5%