Falhas do tipo CWE-732
690 resultadosCVE-2024-46897LOWIncorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in EPSS 0.4%CVE-2020-7314HIGHPrivilege Escalation vulnerability in McAfee DXL for MacEPSS 0.4%CVE-2022-45304MEDIUMInsecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for thEPSS 0.4%CVE-2025-62575HIGHMirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical ResourceEPSS 0.4%CVE-2024-21902MEDIUMQTS, QuTS heroEPSS 0.4%CVE-2022-45301MEDIUMInsecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the Authenticated Users group write privileges for thEPSS 0.4%CVE-2022-45306MEDIUMInsecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write EPSS 0.4%CVE-2022-45305MEDIUMInsecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the Authenticated Users group write privileges for EPSS 0.4%CVE-2022-45307MEDIUMInsecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the EPSS 0.4%CVE-2024-30413HIGHVulnerability of improper permission control in the window management module.
Impact: Successful exploitation of this vulnerability will affEPSS 0.4%CVE-2023-52388HIGHPermission control vulnerability in the clock module.
Impact: Successful exploitation of this vulnerability will affect availability.EPSS 0.4%CVE-2023-52715HIGHThe SystemUI module has a vulnerability in permission management.
Impact: Successful exploitation of this vulnerability may affect availabilEPSS 0.4%CVE-2017-12713—An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. MultipEPSS 0.4%CVE-2020-10699HIGHA flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enEPSS 0.3%CVE-2025-6297HIGHdpkg-deb: Fix cleanup for control member with restricted directoriesEPSS 0.3%CVE-2025-43808MEDIUMThe Commerce component in Liferay Portal 7.3.0 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10,EPSS 0.3%CVE-2025-0590HIGHImproper permission settings for mobile applications (com.transsion.carlcare) may lead to
information leakage risk.EPSS 0.3%CVE-2025-45471HIGHInsecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges and compromise the customer cloud account.EPSS 0.3%CVE-2024-27108MEDIUMNon privileged access to critical file vulnerability in GE HealthCare EchoPAC productsEPSS 0.3%CVE-2024-28589MEDIUMAn issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbiEPSS 0.3%