Fallos del tipo CWE-277
70 resultadosCVE-2023-27842HIGHInsecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code viaEPSS 2.4%CVE-2024-39877HIGHApache Airflow: DAG Author Code Execution possibility in airflow-schedulerEPSS 1.7%CVE-2021-41170CRITICALEvaluation of closures can lead to execution of methods & functions in current program scopeEPSS 1.5%CVE-2024-36539CRITICALInsecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account'sEPSS 1.3%CVE-2021-32725LOWDefault share permissions not respected for federated resharesEPSS 1.2%CVE-2024-42681HIGHInsecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component.EPSS 0.9%CVE-2024-7143MEDIUMPulpcore: rbac permissions incorrectly assigned in tasks that create objectsEPSS 0.6%CVE-2024-27834HIGHThe issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, maEPSS 0.6%CVE-2024-34329HIGHInsecure permissions in Entrust Datacard XPS Card Printer Driver 8.5 and earlier without the dxp1-patch-E24-004 patch allows unauthenticatedEPSS 0.6%CVE-2019-5068MEDIUMAn exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. An attacker can aEPSS 0.5%CVE-2025-37174HIGHAuthenticated Arbitrary File Write Vulnerability in AOS 10 and AOS-8 Web-Based Management InterfaceEPSS 0.5%CVE-2024-36542HIGHInsecure permissions in kuma v2.7.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's tokEPSS 0.5%CVE-2024-41601HIGHInsecure Permissions vulnerability in lin-CMS v.0.2.0 and before allows a remote attacker to obtain sensitive information via the login methEPSS 0.5%CVE-2021-24031—In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matchinEPSS 0.4%CVE-2024-36540CRITICALInsecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and escalate privileges by obtaining the service EPSS 0.4%CVE-2024-6605HIGHFirefox Android missed activation delay to prevent tapjackingEPSS 0.4%CVE-2025-58437HIGHCoder's privilege escalation vulnerability could lead to a cross workspace compromiseEPSS 0.3%CVE-2021-24032—Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output fileEPSS 0.3%CVE-2025-11554MEDIUMPortabilis i-Educar User Type AccessLevelController.php insecure inherited permissionsEPSS 0.3%CVE-2025-56019MEDIUMAn insecure permission vulnerability exists in the Agasta Easytouch+ version 9.3.97 The device allows unauthorized mobile applications to coEPSS 0.3%