Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2021-1056 HIGH

NVIDIA GPU Display Driver - Info Disclosure

CVE-2020-37160 MEDIUM

SprintWork 2.3.1 - Privilege Escalation

CVE-2020-37129 CRITICAL

Memu Play 7.1.3 - Privilege Escalation

CVE-2020-11921 HIGH

Lush 2 through 2020-02-25 - Unauthenticated Bluetooth Connection Hijacking

CVE-2020-36695 MEDIUM

Hitachi Device Manager <8.8.5-02 - Info Disclosure

CVE-2020-21514 HIGH

fluentd-ui 1.2.2 - Incorrect Default Permissions

CVE-2020-36652 MEDIUM

Hitachi Ops Center and Analytics Products - Incorrect Default Permissions

CVE-2020-36611 MEDIUM

Hitachi Tuning Manager <8.8.5-00 - Info Disclosure

CVE-2020-36605 MEDIUM

Hitachi Infrastructure Analytics Advisor <4.4.0-00, Hitachi Ops Cen...

CVE-2020-5355 MEDIUM

Dell EMC Isilon OneFS <= 8.2.2 - Incorrect Default Permissions in SSHD

CVE-2020-14521 HIGH

Mitsubishi Electric Factory Automation - Code Injection

CVE-2020-8741 HIGH

Intel(R) Thunderbolt(TM) - Privilege Escalation

CVE-2020-5353 HIGH

Dell EMC Isilon OneFS <= 8.2.2 and PowerScale OneFS 9.0.0 - Unauthenticated Privilege Escalation via NFS UID Spoofing

CVE-2020-26180 MEDIUM

Dell EMC Isilon OneFS >=8.1.0 & PowerScale OneFS 9.0.0 - Unauthenticated Data Access via remotesupport

CVE-2020-29503 MEDIUM

Dell EMC PowerStore <1.0.3.0.5 - Info Disclosure

CVE-2020-25593 MEDIUM

Acronis True Image < 2021 - Local Privilege Escalation via Insecure Folder Permissions

CVE-2020-27384 HIGH

Guild Wars 2 <106916 - Privilege Escalation

CVE-2020-10145 HIGH

Adobe ColdFusion - Improper Access Control in Default Installation Directory

CVE-2020-13599 LOW

Zephyr < 1.14.2 - Incorrect Default Permissions in Settings and LittleFS

CVE-2020-9451 MEDIUM

Acronis True Image 2020 24.5.22510 - Denial of Service via Hardlink Attack on Log File

CVE-2020-9450 HIGH

Acronis True Image 2020 24.5.22510 - Unauthenticated Arbitrary Executable Whitelisting via REST API

CVE-2020-28906 HIGH

Nagios XI < 5.7.5 and Nagios Fusion < 4.1.8 - Privilege Escalation via Insecure File Permissions

CVE-2020-13667 MEDIUM

Drupal Core 8.8.0-8.8.9, 8.9.0-8.9.5, 9.0.0-9.0.5 - Access Bypass in Workspaces Module

CVE-2020-21342 HIGH

zzcms 201910 - Insecure Default Permissions via Password Reset

CVE-2020-27569 HIGH

Aviatrix VPN Client <2.8.2 - Code Injection

Previous Page 44 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy