Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,511 vulnerabilities with CWE-276

CVE-2023-28870 MEDIUM

NCP Secure Enterprise Client <12.22 - Info Disclosure

CVE-2023-6273 MEDIUM

Sound Booster Module - Info Disclosure

CVE-2023-46773 CRITICAL

Huawei EMUI and HarmonyOS - Privilege Escalation via PMS Module Permission Management

CVE-2023-37572 HIGH

Softing OPC Suite < 5.30 - Unauthenticated Sensitive Information Exposure via OSF_discovery Service Weak Permissions

CVE-2023-40076 MEDIUM

Android - Local Privilege Escalation via CredentialManagerUi PendingIntent Permission Bypass

CVE-2023-21216 CRITICAL

Android - Use-After-Free in PMRChangeSparseMemOSMem

CVE-2023-47462 CRITICAL

GL.iNet AX1800 < 3.215 - Remote Code Execution via File Sharing Function

CVE-2023-42501 MEDIUM

Apache Superset < 2.1.2 - Authenticated Unnecessary Read Permissions in Gamma Role

CVE-2023-6302 MEDIUM

CSZCMS 1.3.0 - Permission Issues in File Manager Page

CVE-2023-47250 HIGH

mprivacy-tools < 2.0.406g - Authenticated X11 Desktop Access Control Bypass via DISPLAY ID

CVE-2023-43081 MEDIUM

PowerProtect Agent for File System <19.14 - Privilege Escalation

CVE-2023-42774 MEDIUM

OpenHarmony < 3.2.2 - Unauthenticated Information Disclosure via Incorrect Default Permissions

CVE-2023-3116 HIGH

OpenHarmony <3.2.2 - Info Disclosure

CVE-2023-40363 HIGH

IBM InfoSphere Information Server 11.7 - Authenticated Arbitrary File Modification via Incorrect File Permissions

CVE-2023-48648 CRITICAL

Concrete CMS <8.5.13,9.x <9.2.2 - Info Disclosure

CVE-2023-47335 MEDIUM

Autel Robotics EVO Nano Drone Firmware 1.6.5 - Incorrect Default Permissions in setNFZEnable Function

CVE-2023-41718 HIGH

Ivanti Secure Access Client - Privilege Escalation via Unauthorized File Control

CVE-2023-35080 HIGH

Ivanti Secure Access Client < 22.6 - Incorrect Default Permissions

CVE-2023-32638 MEDIUM

Intel Arc RGB Controller < 1.06 - Authenticated Privilege Escalation via Incorrect Default Permissions

CVE-2023-27305 MEDIUM

Intel(R) Arc(TM) Control <1.73.5335.2 - Privilege Escalation

CVE-2023-23583 HIGH

Intel Core i3/i5/i7 10th Gen Firmware - Unauthenticated Privilege Escalation and Information Disclosure via Local Access

CVE-2023-43902 CRITICAL

emsigner 2.8.7 - Unauthenticated Account Access via Password Reset Token

CVE-2023-46743 HIGH

application-collabora - Info Disclosure

CVE-2023-4706 HIGH

Lenovo Preload Directory - Privilege Escalation via Incorrect Default Permissions

CVE-2023-43984 HIGH

Smart Soft advancedexport <4.4.7 - Info Disclosure

Previous Page 24 of 61 Next

Details

Vulnerabilities 1,511

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy