Weaknesses of type CWE-276
905 resultsCVE-2021-21911HIGHA privilege escalation vulnerability exists in the Windows version of installation for Advantech R-SeeNet Advantech R-SeeNet 2.4.15 (30.07.2EPSS 0.3%CVE-2024-32368HIGHInsecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version 3.0 allows a local attacker to cause a deniEPSS 0.3%CVE-2025-15339MEDIUMTanium addressed an incorrect default permissions vulnerability in Discover.EPSS 0.3%CVE-2025-15338MEDIUMTanium addressed an incorrect default permissions vulnerability in Partner Integration.EPSS 0.3%CVE-2024-27674HIGHMacro Expert through 4.9.4 allows BUILTIN\Users:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%\GrassSoft\Macro Expert" folder and thus an unEPSS 0.3%CVE-2025-15340MEDIUMTanium addressed an incorrect default permissions vulnerability in Comply.EPSS 0.3%CVE-2024-5321MEDIUMIncorrect permissions on Windows containers logsEPSS 0.3%CVE-2025-15337MEDIUMTanium addressed an incorrect default permissions vulnerability in Patch.EPSS 0.3%CVE-2021-3981—A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non priviEPSS 0.3%CVE-2024-36495HIGHRead/Write Permissions for Everyone on Configuration FileEPSS 0.3%CVE-2024-36063HIGHThe Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to placeEPSS 0.3%CVE-2020-8907CRITICALPriviged Escalation in Google Cloud Platform's Guest-OSLoginEPSS 0.3%CVE-2025-15343MEDIUMTanium addressed an incorrect default permissions vulnerability in Enforce.EPSS 0.3%CVE-2025-15341MEDIUMTanium addressed an incorrect default permissions vulnerability in Benchmark.EPSS 0.3%CVE-2018-9467CRITICALIn the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect secuEPSS 0.3%CVE-2024-48293MEDIUMIncorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated attackers with low-level privileges to arbitEPSS 0.3%CVE-2024-4226LOWIt was identified that in certain versions of Octopus Server, that a user created with no permissions could view all users, user roles and pEPSS 0.3%CVE-2022-21704MEDIUMIncorrect Default Permissions in log4js-nodeEPSS 0.3%CVE-2024-26574HIGHInsecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script tEPSS 0.3%CVE-2019-18900MEDIUMlibzypp stores cookies world readableEPSS 0.3%