Weaknesses of type CWE-276
905 resultsCVE-2026-30811HIGHMissing Authorization in Configuration Ajax Endpoint leads to Information DisclosureEPSS 0.3%CVE-2021-25317LOWcups: ownership of /var/log/cups allows the lp user to create files as rootEPSS 0.3%CVE-2023-25645HIGHThere is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged appliEPSS 0.3%CVE-2021-3701—A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 are written to world R/W locations. ThisEPSS 0.3%CVE-2019-17103MEDIUMGet-task-allow entitlement via BDLDaemon on macOSEPSS 0.3%CVE-2024-21937HIGHIncorrect default permissions in the AMD HIP SDK installation directory could allow an attacker to achieve privilege escalation potentially EPSS 0.3%CVE-2024-46894MEDIUMA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate autEPSS 0.3%CVE-2020-10049—A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The start-stop scripts for the services of thEPSS 0.3%CVE-2025-21532HIGHVulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Supported versions that are affected are PrEPSS 0.3%CVE-2022-3430MEDIUMA potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may allow an attacker with elevated privileges toEPSS 0.3%CVE-2023-52717MEDIUMPermission verification vulnerability in the lock screen module.
Impact: Successful exploitation of this vulnerability will affect availabilEPSS 0.3%CVE-2023-38960HIGHInsecure Permissions issue in Raiden Professional Server RaidenFTPD v.2.4 build 4005 allows a local attacker to gain privileges and execute EPSS 0.3%CVE-2021-3155LOWsnapd created ~/snap with too-wide permissionsEPSS 0.3%CVE-2023-50612HIGHInsecure Permissions vulnerability in fit2cloud Cloud Explorer Lite version 1.4.1, allow local attackers to escalate privileges and obtain sEPSS 0.3%CVE-2021-25319HIGHvirtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers groupEPSS 0.3%CVE-2025-24234HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7EPSS 0.3%CVE-2020-1985HIGHSecdo: Incorrect Default PermissionsEPSS 0.3%CVE-2022-31072LOWOctokit gem published with world-writable filesEPSS 0.3%CVE-2023-3323MEDIUM Code Execution through overwriting project file on zenon engineering studio systemEPSS 0.3%CVE-2024-55398MEDIUM4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.EPSS 0.3%