Weaknesses of type CWE-276
905 resultsCVE-2022-31244HIGHNokia OneNDS 17r2 has Insecure Permissions vulnerability that allows for privilege escalation.EPSS 0.3%CVE-2024-49504HIGHgrub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted ImagesEPSS 0.3%CVE-2022-46761HIGHThe system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may caEPSS 0.3%CVE-2020-7527—Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause elevation of privilege and provide full accEPSS 0.3%CVE-2025-40585CRITICALA vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentialsEPSS 0.3%CVE-2024-46544MEDIUMApache Tomcat Connectors: mod_jk: local users can view and modify configurationEPSS 0.3%CVE-2017-12699—An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be EPSS 0.3%CVE-2025-62661MEDIUMDo permission checking when getting counts of global and local edits, new articles and thanksEPSS 0.3%CVE-2024-34474HIGHClario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM.EPSS 0.3%CVE-2025-27926MEDIUMIn Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords thaEPSS 0.3%CVE-2022-29483HIGHe-Design - Multiple vulnerabilitiesEPSS 0.3%CVE-2023-52379HIGHPermission control vulnerability in the calendarProvider module.Successful exploitation of this vulnerability may affect service confidentiaEPSS 0.3%CVE-2025-43519HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS TahoEPSS 0.3%CVE-2024-1488HIGHUnbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalationEPSS 0.3%CVE-2025-15336MEDIUMTanium addressed an incorrect default permissions vulnerability in Performance.EPSS 0.3%CVE-2021-31998MEDIUMinn: %post calls user owned file allowing local privilege escalation to rootEPSS 0.3%CVE-2024-43430MEDIUMMoodle: lack of access control when using external methods for quiz overridesEPSS 0.3%CVE-2023-5042MEDIUMSensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office EPSS 0.3%CVE-2020-8903HIGHPriviged Escalation in Google Cloud Platform's Guest-OSLoginEPSS 0.3%CVE-2021-21911HIGHA privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2EPSS 0.3%