Weaknesses of type CWE-276
907 resultsCVE-2022-44548MEDIUMThere is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may EPSS 0.2%CVE-2022-27500MEDIUMIncorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enEPSS 0.2%CVE-2025-54530HIGHIn JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissionsEPSS 0.2%CVE-2022-26344HIGHIncorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enEPSS 0.2%CVE-2022-4575MEDIUM
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attackerEPSS 0.2%CVE-2025-29570HIGHAn issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_imaEPSS 0.2%CVE-2022-36367MEDIUMIncorrect default permissions in the Intel(R) Support Android application before version v22.02.28 may allow a privileged user to potentiallEPSS 0.2%CVE-2025-34332HIGHAudioCodes Fax/IVR Appliance <= 2.6.23 Insecure Service Control Scripts LPEEPSS 0.2%CVE-2025-34333HIGHAudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPEEPSS 0.2%CVE-2024-54131HIGHKolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)EPSS 0.2%CVE-2023-4088CRITICALMalicious Code Execution Vulnerability in FA Engineering Software ProductsEPSS 0.2%CVE-2026-25203HIGHSamsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability
This issue affects MagicINFO 9 Server: lEPSS 0.2%CVE-2024-46464HIGHIn PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user access can be manipulated to render the host EPSS 0.2%CVE-2024-51440HIGHAn issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component.EPSS 0.2%CVE-2024-28862MEDIUMROTP 6.2.2 and 6.2.1 has 0666 permissions for the .rb files.EPSS 0.2%CVE-2023-38410—The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A user may be able to eleEPSS 0.2%CVE-2025-24915HIGHWhen installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permiEPSS 0.2%CVE-2025-2502HIGHAn improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.EPSS 0.2%CVE-2023-43081MEDIUM
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. AEPSS 0.2%CVE-2023-38294MEDIUMCertain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsiEPSS 0.2%