Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2022-25815 MEDIUM

Android Weather - Unauthorized Action via PendingIntent Hijacking

CVE-2022-25814 MEDIUM

Android Wearable Manager Installer - PendingIntent Hijacking via Unauthorized Action

CVE-2022-25943 HIGH

WPS Office < 11.2.0.10258 - Incorrect Default Permissions in Service Directory

CVE-2022-24343 MEDIUM

JetBrains YouTrack <2021.4.31698 - Info Disclosure

CVE-2022-24337 MEDIUM

JetBrains TeamCity <2021.2 - Info Disclosure

CVE-2022-25327 MEDIUM

fscrypt < 0.3.3 - Denial of Service via Malicious Metadata File

CVE-2022-23922 MEDIUM

WIN-911 <2021 R1-R2 - Privilege Escalation

CVE-2022-23104 MEDIUM

WIN-911 2021 R1 and R2 - Unauthenticated Privilege Escalation via DLL Hijacking

CVE-2022-23996 MEDIUM

Wear OS 3.0 <Feb-2022 - Privilege Escalation

CVE-2022-23995 MEDIUM

Wear OS 3.0 <Feb-2022 - Privilege Escalation

CVE-2022-21204 HIGH

Intel Quartus Prime Pro Edition < 21.3 - Authenticated Privilege Escalation via Local Access

CVE-2022-24113 HIGH

Acronis Agent < 27147 - Local Privilege Escalation via Excessive Child Process Permissions

CVE-2022-24301 MEDIUM

minetest < 5.4.0 - Incorrect Default Permissions

CVE-2022-22296 MEDIUM

Hospital's Patient Records Management System 1.0 - Insecure Permissions via Manage User Endpoint

CVE-2022-21704 MEDIUM

log4js < 6.4.0 - Incorrect Default Permissions in Log File Creation

CVE-2021-47852 HIGH

Rockstar Games Launcher <1.0.37.349 - Privilege Escalation

CVE-2021-47761 HIGH

MilleGPG5 5.7.2 - Privilege Escalation

CVE-2021-27285 HIGH

Inspur ClusterEngine <4.0 - Privilege Escalation

CVE-2021-37000 HIGH

HarmonyOS - Incorrect Default Permissions

CVE-2021-3187 HIGH

BeyondTrust Privilege Management for Mac < 5.7 - Authenticated Privilege Escalation via Install Script Execution

CVE-2021-23166 HIGH

Odoo < 15.0 - Authenticated Arbitrary File Read and Write via Sandbox Bypass

CVE-2021-41614 HIGH

OpenRISC mor1kx_firmware - Incorrect Default Permissions in Exception Program Counter Register

CVE-2021-36400 MEDIUM

Moodle <3.9.8 and 3.11.0-beta-3.11.1 - Authorization Bypass in Calendar URL Subscription Removal

CVE-2021-36397 MEDIUM

Moodle < 3.9.8 and 3.11.0-beta-3.11.1 - Incorrect Default Permissions

CVE-2021-34182 CRITICAL

ttyd 1.6.3 - Remote Code Execution via Default Configuration Permissions

Previous Page 36 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy