Weaknesses of type CWE-276
908 resultsCVE-2024-29083MEDIUMIncorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potEPSS 0.2%CVE-2024-34011MEDIUMLocal privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (WindoEPSS 0.2%CVE-2024-43114HIGHIn JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissionsEPSS 0.2%CVE-2025-31261MEDIUMA permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOEPSS 0.2%CVE-2023-25540MEDIUM
Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit thiEPSS 0.2%CVE-2021-46834MEDIUMA permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked EPSS 0.2%CVE-2024-21615MEDIUMJunos OS and Junos OS Evolved: A low-privileged user can access confidential informationEPSS 0.2%CVE-2024-42419MEDIUMIncorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software installers may allow an authenticated user to potentEPSS 0.2%CVE-2023-5623HIGHPrivilege Escalation EPSS 0.2%CVE-2020-36652MEDIUMFile and Directory Permissions Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor, Hitachi Ops CenterEPSS 0.1%CVE-2025-54866LOWWazuh installation fails to protected authd.pass on WindowsEPSS 0.1%CVE-2020-36611MEDIUMFile and Directory Permission Vulnerability in Hitachi Tuning ManagerEPSS 0.1%CVE-2025-23347HIGHNVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate permissions. A successful exploit of this vulneEPSS 0.1%CVE-2024-40792LOWA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app may be able to chanEPSS 0.1%CVE-2025-5199HIGHLPE on Multipass for macOSEPSS 0.1%CVE-2024-35201MEDIUMIncorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalatioEPSS 0.1%CVE-2021-37000HIGHSome Huawei wearables have a permission management vulnerability.EPSS 0.1%CVE-2026-48935LOWA flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. `--allow-fs-reaEPSS 0.1%CVE-2024-36339HIGHA DLL hijacking vulnerability in the AMD Optimizing CPU Libraries could allow an attacker to achieve privilege escalation, potentially resulEPSS 0.1%CVE-2023-50236HIGHA vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folderEPSS 0.1%