Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2022-33922 HIGH

Dell GeoDrive < 2.2.3 - Insecure File and Folder Permissions

CVE-2022-20436 HIGH

Android - Unauthorized Service Leading to Local Privilege Escalation

CVE-2022-20435 HIGH

Android - Unauthorized Service Access Leading to Denial of Service

CVE-2022-41748 MEDIUM

Trend Micro Apex One DLP - Privilege Escalation

CVE-2022-41414 MEDIUM

Liferay Portal <7.4.2 - Info Disclosure

CVE-2022-26235 HIGH

Remisol Advance <2.0.12.1 - Privilege Escalation

CVE-2022-3263 HIGH

Measuresoft ScadaPro Server <6.7 - Privilege Escalation

CVE-2022-38764 HIGH

Trend Micro HouseCall <1.62.1.1133 - Privilege Escalation

CVE-2022-38466 HIGH

CoreShield OWG <V2.2 - Privilege Escalation

CVE-2022-2528 MEDIUM

Octopus Server 3.0.0-4.1.9 - Incorrect Default Permissions in Built-in Feed Package Upload

CVE-2022-31251 MEDIUM

openSUSE Factory slurm <22.05.2-3.3. - Privilege Escalation

CVE-2022-2735 HIGH

PCS 0.10.5-0.11.2 - Privilege Escalation via Incorrect Unix Socket Permissions

CVE-2022-40109 CRITICAL

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 - Insecure Permissions in /bin/boa

CVE-2022-36640 CRITICAL

influxdb < 1.8.10 - Unauthenticated Remote Code Execution

CVE-2022-32743 HIGH

Samba 4.1.0-4.16.9 - Unauthenticated Incorrect Default Permissions via dNSHostName Attribute

CVE-2022-37173 HIGH

gvim 9.0.0000 - Authenticated Arbitrary Code Execution via Binary Hijacking

CVE-2022-0336 HIGH

Samba 4.0.0-4.13.17 - Denial of Service and Service Impersonation via SPN Re-addition

CVE-2022-27500 MEDIUM

Intel Support < 21.7.40 - Authenticated Information Disclosure via Incorrect Default Permissions

CVE-2022-26344 HIGH

Intel(R) SEAPI - Privilege Escalation

CVE-2022-25899 CRITICAL

Intel Open Active Management Technology Cloud Toolkit < 2.0.2 - Unauthenticated Authentication Bypass

CVE-2022-20272 MEDIUM

Android 13 - Local Information Disclosure via Misleading Default SMS Permission Text

CVE-2022-20246 HIGH

Android 13 - Local Privilege Escalation via WindowManager UID/Permission Check Bypass

CVE-2022-37006 HIGH

HarmonyOS - Incorrect Default Permissions in Network Module

CVE-2022-37003 CRITICAL

Huawei EMUI - Incorrect Default Permissions in AOD Module

CVE-2022-37030 HIGH

Grommunio Gromox 0.5-1.x < 1.28 - Unauthenticated Arbitrary Code Execution via PAM Module Configuration File

Previous Page 33 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy