Weaknesses of type CWE-276
907 resultsCVE-2025-24176HIGHA permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13EPSS 0.2%CVE-2022-3466MEDIUMCri-o: security regression of cve-2022-27652EPSS 0.2%CVE-2023-43629HIGHIncorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially EPSS 0.2%CVE-2025-5255MEDIUMTCC Bypass via Dylib Injection in Phoenix CodeEPSS 0.2%CVE-2020-8357MEDIUMA denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042, that could allow configuration files to bEPSS 0.2%CVE-2025-32803MEDIUMInsecure file permissions can result in confidential information leakageEPSS 0.2%CVE-2023-31360HIGHIncorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability Service installation directory could allow aEPSS 0.2%CVE-2024-35287MEDIUMA vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8 SP1 (9.8.1.5) could allow an authenticated atEPSS 0.2%CVE-2024-21820HIGHIncorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privilEPSS 0.2%CVE-2022-23104MEDIUMWIN-911 2021 Incorrect Default PermissionsEPSS 0.2%CVE-2025-57849MEDIUMFuse: privilege escalation via excessive /etc/passwd permissionsEPSS 0.2%CVE-2022-23922MEDIUMWIN-911 2021 Incorrect Default PermissionsEPSS 0.2%CVE-2022-26839HIGHDelta Electronics DIAEnergie Incorrect Default PermissionsEPSS 0.2%CVE-2021-33129HIGHIncorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to EPSS 0.2%CVE-2021-36781MEDIUMparsec: dangerous 777 permissions for /run/parsecEPSS 0.2%CVE-2024-11597HIGHUnder specific circumstances, insecure permissions in Ivanti Performance Manager before version 2024.3 HF1, 2024.1 HF1, or 2023.3 HF1 allowsEPSS 0.2%CVE-2022-3431MEDIUMA potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deaEPSS 0.2%CVE-2024-9845HIGHUnder specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to aEPSS 0.2%CVE-2024-8496HIGHUnder specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attackEPSS 0.2%CVE-2024-11598HIGHUnder specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allowsEPSS 0.2%