Fallos del tipo CWE-276
907 resultadosCVE-2024-10251HIGHUnder specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attackerEPSS 0.2%CVE-2024-11598HIGHUnder specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allowsEPSS 0.2%CVE-2025-7195MEDIUMOperator-sdk: privilege escalation due to incorrect permissions of /etc/passwdEPSS 0.2%CVE-2024-3779MEDIUMDenial of Service in ESET products for WindowsEPSS 0.2%CVE-2024-1605MEDIUMDLL side-loading in BMC Control-MEPSS 0.2%CVE-2025-7672LOWStored-XSS possibility in Namo CrossEditor4EPSS 0.2%CVE-2025-54990MEDIUMXWiki AdminTools application doesn't set permissions on the AdminTools spaceEPSS 0.2%CVE-2025-24267HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS VenturEPSS 0.2%CVE-2022-31251MEDIUMslurm: %post for slurm-testsuite operates as root in user owned directoryEPSS 0.2%CVE-2020-29503MEDIUMDell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentiaEPSS 0.2%CVE-2024-2819MEDIUMFile Permission Vulnerability in Hitachi Ops Center Common ServicesEPSS 0.2%CVE-2021-3462MEDIUMA privilege escalation vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could allow unauthoEPSS 0.2%CVE-2023-3112HIGHA vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that could allow an attacker with local access to eEPSS 0.2%CVE-2025-46803MEDIUMScreen creates by default world-writable PTYsEPSS 0.2%CVE-2023-35183HIGHSolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-32981HIGHNETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.EPSS 0.2%CVE-2025-52361HIGHInsecure permissions in the script /etc/init.d/lighttpd in AK-Nord USB-Server-LXL Firmware v0.0.16 Build 2023-03-13 allows a locally authentEPSS 0.2%CVE-2024-12903HIGHIncorrect default permissions in Biamp Evoko HomeEPSS 0.2%CVE-2021-47852HIGHRockstar Service - Insecure File PermissionsEPSS 0.2%CVE-2021-22817—A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leadinEPSS 0.2%