Weaknesses of type CWE-276
905 resultsCVE-2019-18900MEDIUMlibzypp stores cookies world readableEPSS 0.3%CVE-2025-45467HIGHUnitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update functionality (via Wi-Fi/Ethernet) implements an EPSS 0.3%CVE-2024-4030HIGHtempfile.mkdtemp() may be readable and writeable by all users on WindowsEPSS 0.3%CVE-2025-8672MEDIUMTCC Bypass via Inherited Permissions in Bundled Interpreter in GIMP.appEPSS 0.3%CVE-2022-2735—A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communicatioEPSS 0.3%CVE-2024-55950HIGHTabby has a TCC Bypass via Unnecessary Permissive Entitlements in TabbyEPSS 0.3%CVE-2025-0797MEDIUMMicroWorld eScan Antivirus Quarantine Microworld default permissionEPSS 0.3%CVE-2023-47335MEDIUMInsecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows attackers to breach the geo-fence and fly iEPSS 0.3%CVE-2025-49084MEDIUMElevation of privilege vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.56EPSS 0.3%CVE-2024-40514MEDIUMInsecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 allows a remote attacker to escalate privileges via the User profile nameEPSS 0.3%CVE-2022-3432MEDIUMA potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK that was mistakenly not deactivated may alEPSS 0.3%CVE-2024-45819MEDIUMlibxl leaks data to PVH guests via ACPI tablesEPSS 0.3%CVE-2020-10782MEDIUMAn exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be EPSS 0.3%CVE-2020-28392—A vulnerability has been identified in SIMARIS configuration (All versions < V4.0.1). During installation to default target folder, incorrecEPSS 0.3%CVE-2026-6819HIGHHKUDS OpenHarness Plugin Management Command ExposureEPSS 0.3%CVE-2024-23301MEDIUMRelax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain accesEPSS 0.3%CVE-2024-13188MEDIUMMicroWorld eScan Antivirus Installation var default permissionEPSS 0.3%CVE-2020-10050—A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the aEPSS 0.3%CVE-2022-29178HIGHIncorrect Default Permissions in CiliumEPSS 0.3%CVE-2024-0259HIGHPrivilege Escalation in Robot Schedule Enterprise Agent for Windows prior to version 3.04EPSS 0.3%