Weaknesses of type CWE-276
907 resultsCVE-2025-62577HIGHETERNUS SF provided by Fsas Technologies Inc. contains an incorrect default permissions vulnerability. A low-privileged user with access to EPSS 0.2%CVE-2025-42598HIGHMultiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a lEPSS 0.2%CVE-2026-36742MEDIUMHiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected (hidden/debug mode)EPSS 0.2%CVE-2023-27392MEDIUMIncorrect default permissions in the Intel(R) Support android application before version v23.02.07 may allow a privileged user to potentiallEPSS 0.2%CVE-2023-44194HIGHJunos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privilegesEPSS 0.2%CVE-2023-32638MEDIUMIncorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially eEPSS 0.2%CVE-2026-57924MEDIUMIn JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile detailsEPSS 0.2%CVE-2023-41231MEDIUMIncorrect default permissions in some ACAT software maintained by Intel(R) before version 2.0.0 may allow an authenticated user to potentialEPSS 0.2%CVE-2023-28739MEDIUMIncorrect default permissions in some Intel(R) Chipset Driver Software before version 10.1.19444.8378 may allow an authenticated user to potEPSS 0.2%CVE-2023-27305MEDIUMIncorrect default permissions in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentEPSS 0.2%CVE-2023-34315MEDIUMIncorrect default permissions in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enableEPSS 0.2%CVE-2025-27612MEDIUMLibcontainer is affected by capabilities elevationEPSS 0.2%CVE-2022-20495HIGHIn getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic EPSS 0.2%CVE-2023-40154MEDIUMIncorrect default permissions in the Intel(R) SUR for Gameplay Software before version 2.0.1901 may allow privillaged user to potentially enEPSS 0.2%CVE-2025-5963MEDIUMTCC Bypass via Dylib Injection in PostboxEPSS 0.2%CVE-2024-53921LOWAn issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permisEPSS 0.2%CVE-2025-57848MEDIUMContainer-native-virtualization: privilege escalation via excessive /etc/passwd permissionsEPSS 0.2%CVE-2022-48685HIGHAn issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file clean_secbi_old_logs is writable by all users and is execEPSS 0.2%CVE-2022-42718HIGHIncorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to poteEPSS 0.2%CVE-2023-30905—The MC990 X and UV300 RMC component has and inadequate default configuration that could be exploited to obtain enhanced privilege.EPSS 0.2%