Loading...
Loading...
1,613 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request.
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Monterey 12.7.4, macOS Sonoma 14.3, macOS Ventura 13.6.5, tvOS 17.3, watchOS 10.3. An app may be able to cause a denial-…
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to access a user's Photos Library.
A permissions issue was addressed to help ensure Personas are always protected. This issue is fixed in visionOS 1.1. An unauthenticated user may be able to use an unprotected Persona.
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions issue exists in Unifier and Unifier Cast. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be altered o…
Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated user to potentially enable escalation of privilege via local access.
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by `pkg` are written to a hardcoded directory. On unix systems, this is `/tmp/pkg/*` which is a shared directory for all users on the same lo…
The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions grants guest users view permission to web…
Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensit…
Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to privilege escalation, unauthorize…
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames they were not permitted to view. With 2.8.2 and newer, Ops…
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve informat…
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when t…
The Toshiba printers provide several ways to upload files using the web interface without authentication. An attacker can overwrite any insecure files. And the Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. …
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affe…
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affe…
Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL.
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the refe…
A remote attacker using the insecure upload functionality will be able to overwrite any Python file and get Remote Code Execution. As for the affected products/models/versions, see the reference URL.
An attacker with admin access can install rogue applications. As for the affected products/models/versions, see the reference URL.
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-For…
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access.
Macro Expert through 4.9.4 allows BUILTIN\Users:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary.
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Sonoma 14.4. An app may be able to modify protected parts of the file system.
Amazon AWS Amplify CLI before 12.10.1 incorrectly configures the role trust policy of IAM roles associated with Amplify projects. When the Authentication component is removed from an Amplify project, a Condition property is removed but "Ef…
In RSA NetWitness (NW) Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive d…
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops Center Common Services allows File Manipulation.This issue affects Hitachi Ops Center Common Services: before 11.0.2-00.
By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access to the root account.
The Ruby One Time Password library (ROTP) is an open source library for generating and validating one time passwords. Affected versions had overly permissive default permissions. Users should patch to version 6.3.0. Users unable to patch m…
Incorrect default permissions for some Intel(R) Graphics Driver installers may allow an authenticated user to potentially enable escalation of privilege via local access.
Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary.
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo …
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability.
An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the password component.
In multiple locations, there is a possible information leak due to a missing permission check. This could lead to local information disclosure exposing played media with no additional execution privileges needed. User interaction is not ne…
Redon Hub is a Roblox Product Delivery Bot, also known as a Hub. In all hubs before version 1.0.2, all commands are capable of being ran by all users, including admin commands. This allows users to receive products for free and delete/crea…
Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version 3.0 allows a local attacker to cause a denial of service via the Bluetooth Low Energy (BLE) component.
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions.
EchelonGraph correlates every CVE — across CWE-276 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →