Fallos del tipo CWE-276
905 resultadosCVE-2023-52362HIGHPermission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability.EPSS 0.4%CVE-2024-1156HIGHIncorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration inforEPSS 0.4%CVE-2025-35062MEDIUMNewforma Info Exchange (NIX) default anonymous accessEPSS 0.4%CVE-2024-30415CRITICALVulnerability of improper permission control in the window management module.
Impact: Successful exploitation of this vulnerability will affEPSS 0.4%CVE-2023-52545HIGHVulnerability of undefined permissions in the Calendar app.
Impact: Successful exploitation of this vulnerability will affect availability.EPSS 0.4%CVE-2024-54564MEDIUMThis issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, visionOS 1.3EPSS 0.3%CVE-2025-43595HIGHMSP360 Backup (for Linux) insecure filesystem permissionsEPSS 0.3%CVE-2018-7533—An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration mayEPSS 0.3%CVE-2022-44561HIGHThe preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized appEPSS 0.3%CVE-2021-27285HIGHAn issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated Local privileges and execute arbitrary commandsEPSS 0.3%CVE-2023-26077—Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions.EPSS 0.3%CVE-2022-47040HIGHAn issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows attackers to escalate privileges via running the tcpdump command EPSS 0.3%CVE-2024-46916HIGHDiebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before theEPSS 0.3%CVE-2022-1109MEDIUMAn incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service.EPSS 0.3%CVE-2020-25245—A vulnerability has been identified in DIGSI 4 (All versions < V4.94 SP1 HF 1). Several folders in the %PATH% are writeable by normal users.EPSS 0.3%CVE-2026-6823HIGHHKUDS OpenHarness Insecure Default Remote Channel AllowlistEPSS 0.3%CVE-2023-29733—The Lock Master app 2.2.4 for Android allows unauthorized apps to modify the values in its SharedPreference files. These files hold data thaEPSS 0.3%CVE-2020-37129HIGHMemu Play 7.1.3 - Insecure Folder PermissionsEPSS 0.3%CVE-2019-3688MEDIUMsquid: /usr/sbin/pinger packaged with wrong permissionEPSS 0.3%CVE-2025-43507MEDIUMA privacy issue was addressed by moving sensitive data. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOSEPSS 0.3%