Weaknesses of type CWE-276
907 resultsCVE-2024-3904HIGHIncorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on MELIPC Series MI5122-VW firmware versions EPSS 0.2%CVE-2024-4763HIGHAn insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM)
thEPSS 0.2%CVE-2020-29489MEDIUMDell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contains a plain-text password storage vulnerability. A user credentiEPSS 0.2%CVE-2022-36439MEDIUMAsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running Windows) allows a local user to write into the EPSS 0.2%CVE-2024-2175HIGHAn insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo Accessories and Display Manager (LADM)EPSS 0.2%CVE-2025-57850MEDIUMCodeready-ws: privilege escalation via excessive /etc/passwd permissionsEPSS 0.2%CVE-2025-54086MEDIUMExcess Permissions in WarehouseEPSS 0.2%CVE-2022-36438HIGHAsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading to local privilege escalation (this also canEPSS 0.2%CVE-2024-32942MEDIUMIncorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19.5 may allow an authenticated user to potentEPSS 0.2%CVE-2024-55957HIGHIn Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control Software (ICSW) before 3.1 SP10, the driver pacEPSS 0.2%CVE-2024-11969HIGHIncorrect default permissions in Cradlepoint NetCloud ExchangeEPSS 0.2%CVE-2025-0542HIGHG DATA Management Server Local privilege escalationEPSS 0.2%CVE-2023-28966HIGHJunos OS Evolved: Local low-privileged user with shell access can execute CLI commands as rootEPSS 0.2%CVE-2021-41614HIGHAn issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program EPSS 0.2%CVE-2025-8069HIGHLocal Privilege Escalation Vulnerability in AWS Client VPN Windows ClientEPSS 0.2%CVE-2025-43442LOWA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.EPSS 0.2%CVE-2024-30977HIGHAn issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the passwEPSS 0.2%CVE-2026-21423MEDIUMDell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an incorrect default permissions vulnerabEPSS 0.2%CVE-2023-25941HIGH
Dell PowerScale OneFS versions 8.2.x-9.5.0.x contain an elevation of privilege vulnerability. A low-privileged local attacker could potentiEPSS 0.2%CVE-2024-46466HIGHBy default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI qualification submission) can be accessed by EPSS 0.2%