Falhas do tipo CWE-276
908 resultadosCVE-2024-43085HIGHIn handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due toEPSS 0.1%CVE-2025-11535HIGHMongoDB Connector for BI installation MSI leave ACLs unset on custom installation directoriesEPSS 0.1%CVE-2025-8098HIGHAn improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges.EPSS 0.1%CVE-2026-3315MEDIUMLocal Privilege Escalation Due to Writable Executable in Privileged Visionline Service PathEPSS 0.1%CVE-2025-48959MEDIUMLocal privilege escalation due to insecure file permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (WindowsEPSS 0.1%CVE-2025-36511MEDIUMIncorrect default permissions for some Intel(R) Memory and Storage Tool before version 2.5.2 within Ring 3: User Applications may allow an eEPSS 0.1%CVE-2025-32453MEDIUMIncorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilEPSS 0.1%CVE-2026-53870MEDIUMHermes Agent < 0.16.0 - Sensitive File Permission Vulnerability in Store FilesEPSS 0.1%CVE-2025-11567HIGHCWE-276: Incorrect Default Permissions vulnerability exists that could cause elevated system access when the target installation folder is nEPSS 0.1%CVE-2022-20448MEDIUMIn buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data across users due to a permissions bypass. TEPSS 0.1%CVE-2025-64723MEDIUMArduino IDE for macOS has TCC Bypass via Dynamic Library InjectionEPSS 0.1%CVE-2025-48512HIGHIncorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attackEPSS 0.1%CVE-2025-58097MEDIUMThe installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate fEPSS 0.1%CVE-2026-2026MEDIUMImproper Access Control Allows Denial of ServiceEPSS 0.1%CVE-2026-28727HIGHLocal privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) beEPSS 0.1%CVE-2025-27559MEDIUMIncorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enaEPSS 0.1%CVE-2026-44469HIGHIncorrect Default Permissions in CODESYS Development SystemEPSS 0.1%CVE-2025-20087MEDIUMIncorrect default permissions for some Intel(R) oneAPI DPC++/C++ Compiler software installers may allow an authenticated user to potentiallyEPSS 0.1%CVE-2026-0432HIGHIncorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalatiEPSS 0.1%CVE-2025-20023MEDIUMIncorrect default permissions for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable esEPSS 0.1%