CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,510 vulnerabilities with CWE-276
CVE-2024-53921 LOW
Samsung Magician 8.1.0 - Path Traversal
CVSS 2.8
CVE-2024-11969 HIGH
NetCloud Exchange client for Windows <1.110.50 - Privilege Escalation
CVSS 8.8
CVE-2024-46054 CRITICAL
OpenVidReview 1.0 - Unauthenticated Arbitrary File Upload via /upload Route
CVSS 9.8
CVE-2024-6476 MEDIUM
Axis Camera Station Pro - Privilege Escalation
CVSS 4.2
CVE-2024-27134 HIGH
MLflow < 2.16.0 - Local Privilege Escalation via Spark UDF ToCToU Race Condition
CVSS 7.0
CVE-2024-50657 MEDIUM
Owncloud Android <4.3.1 - Privilege Escalation
CVSS 6.8
CVE-2024-44786 HIGH
Meabilis CMS 1.0 - Unauthenticated Incorrect Access Control
CVSS 7.5
CVE-2024-11089 MEDIUM
Anonymous Restricted Content <= 1.6.5 - Unauthenticated Sensitive Information Exposure via WordPress Core Search
CVSS 5.3
CVE-2024-11088 MEDIUM
Simple Membership < 4.5.5 - Unauthenticated Sensitive Information Exposure via WordPress Core Search
CVSS 5.3
CVE-2024-48533 MEDIUM
eSoft Planner 3.24.08271-USA - User Enumeration via Forgot Login Module
CVSS 5.3
CVE-2024-51162 HIGH
Audimex EE <15.1.20 - Privilege Escalation
CVSS 8.8
CVE-2024-45690 HIGH
Moodle < 4.1.13 - Incorrect Default Permissions
CVSS 7.5
CVE-2024-51051 CRITICAL
AVSCMS v8.2.0 - Incorrect Default Permissions
CVSS 9.8
CVE-2024-48293 MEDIUM
QuickHeal Antivirus Pro <24.1.0.182 - Privilege Escalation
CVSS 6.5
CVE-2024-48292 HIGH
QuickHeal Antivirus Pro <v24.0 - Privilege Escalation
CVSS 8.8
CVE-2024-28058 HIGH
RSA NetWitness <12.5.1 - Privilege Escalation
CVSS 7.5
CVE-2024-52946 HIGH
LemonLDAP::NG <2.20.1 - Privilege Escalation
CVSS 8.8
CVE-2024-52926 MEDIUM
Delinea Privilege Manager <12.0.2 - Privilege Escalation
CVSS 6.5
CVE-2024-52867 HIGH
guix-daemon <5ab3c4c - Privilege Escalation
CVSS 8.1
CVE-2024-51765 MEDIUM
HPE Cray DVS - Privilege Escalation
CVSS 5.5
CVE-2024-51764 MEDIUM
HPE DMF Suite - Privilege Escalation
CVSS 5.5
CVE-2024-46467 HIGH
ZONEPOINT for Windows <2024.1 - Privilege Escalation
CVSS 7.8
CVE-2024-46466 HIGH
ZONECENTRAL <2024.3 or Q.2021.2 - Privilege Escalation
CVSS 7.8
CVE-2024-46465 HIGH
primx cryhod < 2024.3 - Incorrect Default Permissions
CVSS 7.8
CVE-2024-46463 HIGH
ORIZON for Windows <2024.3 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 1,510
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits