Falhas do tipo CWE-276

907 resultados
CVE-2021-3917A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. TEPSS 0.2%CVE-2026-45393HIGHLocal privilege escalation to SYSTEM in Cribl Edge for WindowsEPSS 0.2%CVE-2025-67230HIGHImproper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to EPSS 0.2%CVE-2022-21204HIGHImproper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escEPSS 0.2%CVE-2022-33877MEDIUMAn incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FoEPSS 0.2%CVE-2025-6179CRITICALChromeOS Extension Disablement and Developer Mode Bypass via ExtHang3r and ExtPrint3r ExploitsEPSS 0.2%CVE-2023-44157LOWLocal privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Windows) beforEPSS 0.2%CVE-2025-24107HIGHA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18EPSS 0.2%CVE-2023-27593MEDIUMcilium-agent container can access the host via `hostPath` mountEPSS 0.2%CVE-2024-44135MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. An app may be abEPSS 0.2%CVE-2025-10918HIGHInsecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write EPSS 0.2%CVE-2022-3155HIGHWhen saving or opening an email attachment on macOS, Thunderbird did not set attribute com.apple.quarantine on the received file. If the recEPSS 0.2%CVE-2022-31071LOWOctopoller gem published with world-writable filesEPSS 0.2%CVE-2024-25654MEDIUMInsecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UEPSS 0.2%CVE-2023-7235HIGHThe OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN bEPSS 0.2%CVE-2026-48725HIGHWarp may allow terminal output to access the local clipboard through OSC 52EPSS 0.2%CVE-2025-24135HIGHThis issue was addressed with improved message validation. This issue is fixed in macOS Sequoia 15.3. An app may be able to gain elevated prEPSS 0.2%CVE-2021-33166MEDIUMIncorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially EPSS 0.2%CVE-2025-24176HIGHA permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13EPSS 0.2%CVE-2022-3466MEDIUMCri-o: security regression of cve-2022-27652EPSS 0.2%