Fallos del tipo CWE-276
908 resultadosCVE-2025-48516MEDIUMInsecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege toEPSS 0.1%CVE-2025-27711MEDIUMIncorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User AppEPSS 0.1%CVE-2022-20611HIGHIn deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bEPSS 0.1%CVE-2024-53841HIGHIn startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused deputy. This could lead to local escalation EPSS 0.1%CVE-2023-21128—In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the codeEPSS 0.1%CVE-2026-50255MEDIUMIncorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploiteEPSS 0.1%CVE-2023-21175—In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypaEPSS 0.1%CVE-2026-27653MEDIUMThe installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow aEPSS 0.1%CVE-2025-8421MEDIUMAn improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could aEPSS 0.1%CVE-2023-21126—In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe IEPSS 0.1%CVE-2023-21107HIGHIn retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilegeEPSS 0.1%CVE-2025-31940MEDIUMIncorrect default permissions for some Intel(R) Thread Director Visualizer software before version 1.1.1 within Ring 3: User Applications maEPSS 0.1%CVE-2025-30518MEDIUMIncorrect default permissions for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow an escalation of EPSS 0.1%CVE-2023-40132HIGHIn setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content providers read permissions due to a missinEPSS 0.1%CVE-2023-21139—In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to locEPSS 0.1%CVE-2023-21121—In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to impropEPSS 0.1%CVE-2023-21138—In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could leEPSS 0.1%CVE-2026-20718MEDIUMIncorrect default permissions for some Intel(R) NPU Driver software installers before version 32.0.100.4511 within Ring 3: User ApplicationsEPSS 0.1%CVE-2023-21104MEDIUMIn applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional exEPSS 0.1%CVE-2018-9431HIGHIn OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalatioEPSS 0.1%