Fallos del tipo CWE-732
691 resultadosCVE-2025-27446HIGHApache APISIX Java Plugin Runner: Local listening file permissions in APISIX plugin runner allow a local attacker to elevate privilegesEPSS 0.2%CVE-2025-21578MEDIUMVulnerability in Oracle Secure Backup (component: General). Supported versions that are affected are 12.1.0.1, 12.1.0.2, 12.1.0.3, 18.1.0.0EPSS 0.2%CVE-2022-44725HIGHOPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal uEPSS 0.2%CVE-2022-36122HIGHThe Automox Agent before 40 on Windows incorrectly sets permissions on key files.EPSS 0.2%CVE-2024-13861HIGHA code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local userEPSS 0.2%CVE-2025-30661HIGHJunos OS: Low-privileged user can cause script to run as root, leading to privilege escalationEPSS 0.2%CVE-2024-21063MEDIUMVulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle PeopleSoft (component: Benefits Administration). EPSS 0.2%CVE-2024-28827HIGHPrivilege escalation in Windows agentEPSS 0.2%CVE-2023-28960HIGHJunos OS Evolved: Docker repository is world-writeable, allowing low-privileged local user to inject files into Docker containersEPSS 0.2%CVE-2026-2637HIGHiBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes anEPSS 0.2%CVE-2026-28829MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS TahoEPSS 0.2%CVE-2025-26168HIGHIXON VPN Client before 1.4.4 on Linux and macOS allows Local Privilege Escalation to root because there is code execution from a configuratiEPSS 0.2%CVE-2026-35341HIGHuutils coreutils mkfifo Unauthorized Permission Change on Existing FilesEPSS 0.2%CVE-2024-10526HIGHRapid7 Velociraptor Local Privilege Escalation In Windows Velociraptor ServiceEPSS 0.2%CVE-2026-26422HIGHclash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation.EPSS 0.2%CVE-2023-1135HIGH
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could set incorrect directory peEPSS 0.2%CVE-2025-2098HIGHDylib Hijacking in Fast CAD ReaderEPSS 0.2%CVE-2023-28123MEDIUMA permission misconfiguration in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow an user to hijack VPN credentials while EPSS 0.2%CVE-2022-39186MEDIUMEXFO - BV-10 Performance Endpoint Unit Misconfiguration EPSS 0.2%CVE-2025-13941HIGHFoxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation VulnerabilityEPSS 0.2%