Weaknesses of type CWE-276

905 results
CVE | Severity | Description | EPSS
CVE-2022-44557 | HIGH | The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful explo | 0.4%
CVE-2024-48533 | MEDIUM | A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allow | 0.4%
CVE-2022-25776 | HIGH | Sensitive Data Exposure due to inadequate user permission settings | 0.4%
CVE-2024-47825 | MEDIUM | CIDR deny policies may not take effect when a more narrow CIDR allow is present | 0.4%
CVE-2024-47593 | MEDIUM | Information Disclosure Vulnerability in SAP NetWeaver Application Server for ABAP and ABAP Platform | 0.4%
CVE-2025-49006 | HIGH | Wasp has case insensitive OAuth ID vulnerability | 0.4%
CVE-2023-21513 | MEDIUM | Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to ope | 0.4%
CVE-2022-29162 | MEDIUM | Incorrect Default Permissions in runc | 0.4%
CVE-2023-32698 | HIGH | nfpm vulnerable to Incorrect Default Permissions | 0.4%
CVE-2025-24140 | MEDIUM | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3. Files downloaded from the internet ma | 0.4%
CVE-2020-5355 | MEDIUM | The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control Protocol (TCP) and stream forwarding. T | 0.4%
CVE-2022-42446 | MEDIUM | HCL Sametime 12.0 and 12.0FP1 anonymous users have directory lookup access | 0.4%
CVE-2025-62668 | MEDIUM | Insufficient permission checks in action=growthsetmentor | 0.4%
CVE-2025-8432 | HIGH | CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON | 0.4%
CVE-2021-21912 | HIGH | A privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2 | 0.4%
CVE-2024-56525 | CRITICAL | In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can c | 0.4%
CVE-2023-1693 | HIGH | The Settings module has the file privilege escalation vulnerability. Successful exploitation of this vulnerability may affect confidentiality | 0.4%
CVE-2022-0486 | MEDIUM | Privileged Command Injection Vulnerability in Fidelis Network and Deception | 0.4%
CVE-2024-48292 | HIGH | An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attacke | 0.4%
CVE-2024-37038 | HIGH | CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface | 0.4%