Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,510 vulnerabilities with CWE-276

CVE-2024-28862 MEDIUM

rotp 6.2.1-6.2.9 - Incorrect Default Permissions

CVE-2024-20671 MEDIUM

Microsoft Defender < - Privilege Escalation

CVE-2024-23295 MEDIUM

visionOS < 1.1 - Unauthenticated Unprotected Persona Access

CVE-2024-23253 LOW

macOS < 14.4 - Unprotected User Data Exposure via Photos Library Permissions

CVE-2024-23201 MEDIUM

iPadOS < 17.3 - Denial of Service via Permissions Issue

CVE-2024-22889 HIGH

Plone 6.0.9 - Unauthenticated Arbitrary File Read via Crafted Request

CVE-2024-20841 MEDIUM

Samsung Account <14.8.00.3 - Privilege Escalation

CVE-2024-20830 MEDIUM

AppLock <SMR MAr-2024 Release 1 - Privilege Escalation

CVE-2024-20005 HIGH

Android - Local Privilege Escalation via Missing Permission Check

CVE-2024-26280 MEDIUM

Apache Airflow < 2.8.2 - Authenticated Information Disclosure via Audit Log Permissions

CVE-2024-26302 MEDIUM

ClearPass Policy Manager - Authenticated Information Disclosure via Web Management Interface

CVE-2024-1156 HIGH

Emerson Data Record AD < 2.0.1 - Authenticated Privilege Escalation via RabbitMQ Configuration

CVE-2024-1155 HIGH

SystemLink Elixir - Privilege Escalation

CVE-2024-25605 MEDIUM

Liferay Portal <7.4.3.4 - Info Disclosure

CVE-2024-20921 MEDIUM

Oracle GraalVM and JDK - Unauthenticated Unauthorized Data Access via Hotspot Component

CVE-2024-0034 HIGH

Android - Local Privilege Escalation via Background Activity Launch Bypass

CVE-2024-1488 HIGH

Unbound < 1.19.1-2.fc40 - Unauthenticated Configuration Manipulation via Localhost Port 8953

CVE-2024-24828 MEDIUM

vercel/pkg < 5.8.1 - Unauthenticated Arbitrary Code Execution via Predictable /tmp/pkg/ Directory

CVE-2024-22430 MEDIUM

Dell PowerScale OneFS 8.2.0-9.6.0 - Denial of Service via Incorrect Default Permissions

CVE-2024-0833 HIGH

Telerik Test Studio <v2023.3.1330 - Privilege Escalation

CVE-2024-21840 HIGH

Hitachi Storage Plug-in for VMware vCenter 04.0.0-04.9.2 - Incorrect Default Permissions

CVE-2024-22301 MEDIUM

Albo Pretorio On line <4.6.6 - Info Disclosure

CVE-2024-0770 MEDIUM

European Chemicals Agency IUCLID 7.10.3 - Info Disclosure

CVE-2024-22409 HIGH

DataHub < 0.12.1 - Privilege Escalation via Default Permission Misconfiguration

CVE-2024-22428 HIGH

Dell iDRAC Service Module <5.2.0.0 - Privilege Escalation

Previous Page 21 of 61 Next

Details

Vulnerabilities 1,510

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy