Weaknesses of type CWE-732
691 resultsCVE-2022-22148—'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTEPSS 0.2%CVE-2024-9842HIGHIncorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary foldersEPSS 0.2%CVE-2024-52328LOWECOVACS lawnmowers and vacuums insecurely store audio warning filesEPSS 0.2%CVE-2021-47742HIGHEpic Games Psyonix Rocket League <=1.95 Elevation of Privileges via Insecure PermissionsEPSS 0.2%CVE-2024-7245HIGHPanda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-50675HIGHGPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The diEPSS 0.2%CVE-2025-64324HIGHKubeVirt Vulnerable to Arbitrary Host File Read and WriteEPSS 0.2%CVE-2022-43517HIGHA vulnerability has been identified in Simcenter STAR-CCM+ (All versions < V2306). The affected application improperly assigns file permissiEPSS 0.2%CVE-2025-26169HIGHIXON VPN Client before 1.4.4 on Windows allows Local Privilege Escalation to SYSTEM because there is code execution from a configuration filEPSS 0.2%CVE-2024-10256HIGHInsufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated attacker to delete arbitrary files.EPSS 0.2%CVE-2019-18243—HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. ThEPSS 0.2%CVE-2019-18255—HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects.EPSS 0.2%CVE-2026-21727LOWGrafana Correlations: Cross-Tenant Data Disclosure and Permanent Deletion via Legacy org_id=0 RecordEPSS 0.2%CVE-2026-41959HIGHiControl and tmsh REST vulnerabilityEPSS 0.2%CVE-2026-42937HIGHiControl REST and tmsh vulnerabilityEPSS 0.2%CVE-2019-25245HIGHRoss Video DashBoard 8.5.1 Privilege Escalation via Insecure PermissionsEPSS 0.2%CVE-2024-21703MEDIUMThis Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for WindowEPSS 0.2%CVE-2022-31465HIGHA vulnerability has been identified in Xpedition Designer VX.2.10 (All versions < VX.2.10 Update 13), Xpedition Designer VX.2.11 (All versioEPSS 0.2%CVE-2024-3250MEDIUMIt was discovered that Canonical's Pebble service manager read-file API and the associated pebble pull command, before v1.10.2, allowed unprEPSS 0.2%CVE-2024-1486HIGHElevation of privileges via misconfigured access control list in GE HealthCare ultrasound devicesEPSS 0.2%