Weaknesses of type CWE-732
691 resultsCVE-2024-39709HIGHIncorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version EPSS 0.3%CVE-2025-0093HIGHIn handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lEPSS 0.3%CVE-2025-21520LOWVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.40 andEPSS 0.3%CVE-2025-52873HIGHCognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Permission Assignment for Critical ResourceEPSS 0.3%CVE-2025-54497HIGHCognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Permission Assignment for Critical ResourceEPSS 0.3%CVE-2012-0433LOWinsecure permissions on files containing confidential dataEPSS 0.3%CVE-2009-3482HIGHTrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGREPSS 0.3%CVE-2020-8029LOWskuba: Insecure handling of private keyEPSS 0.3%CVE-2025-0374MEDIUMUnprivileged access to system filesEPSS 0.3%CVE-2025-12004CRITICALThe compare API module breaks Extension:LockdownEPSS 0.3%CVE-2025-22454HIGHInsufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their EPSS 0.3%CVE-2019-0073MEDIUMJunos OS: PKI key pairs are exported with insecure file permissionsEPSS 0.3%CVE-2024-9244HIGHFoxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation VulnerabilityEPSS 0.3%CVE-2025-34323HIGHNagios Log Server < 2026R1.0.1 Local Privilege Escalation via Writable Scripts and Sudo RulesEPSS 0.3%CVE-2025-21571HIGHVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are PrioEPSS 0.3%CVE-2021-21364MEDIUMGenerated Code Contains Local Information Disclosure VulnerabilityEPSS 0.3%CVE-2026-32048HIGHOpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawnEPSS 0.3%CVE-2023-31871HIGHOpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to rootEPSS 0.3%CVE-2020-8473HIGHABB System 800xA Weak File Permissions - ABB System 800xA BaseEPSS 0.3%CVE-2026-24049HIGHwheel Allows Arbitrary File Permission Modification via Path TraversalEPSS 0.3%