Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2020-13452 CRITICAL

Gotenberg < 6.2.1 - Insecure Permissions Leading to Denial of Service or Code Execution

CVE-2020-29489 MEDIUM

Dell EMC Unity <5.0.4.0.5.012 - Info Disclosure

CVE-2020-13541 HIGH

Mobile-911 Server V2.5 - Privilege Escalation

CVE-2020-13540 HIGH

Win-911 Enterprise <4.20.13 - Privilege Escalation

CVE-2020-13539 HIGH

Win-911 Enterprise <4.20.13 - Privilege Escalation

CVE-2020-29492 CRITICAL

Dell Wyse ThinOS <8.6 - Info Disclosure

CVE-2020-29491 CRITICAL

Dell Wyse ThinOS <8.6 - Info Disclosure

CVE-2020-26031 MEDIUM

Zammad < 3.4.1 - Authenticated Knowledge Base Draft Exposure via Global Search

CVE-2020-13535 HIGH

Kepware LinkMaster <3.0.94.0 - Privilege Escalation

CVE-2020-0486 HIGH

Android 11 - Local Privilege Escalation via ContactsProvider2 Insecure Default Permissions

CVE-2020-5798 HIGH

inSync Client <6.8.0 - Privilege Escalation

CVE-2020-13542 HIGH

LogicalDoc 8.5.1 - Privilege Escalation

CVE-2020-8539 HIGH

Kia Motors Head Unit <SOP.007.1.191209 - Command Injection

CVE-2020-11867 LOW

Audacity <= 2.3.3 - Unprotected Temporary File Exposure via /var/tmp/audacity-$USER

CVE-2020-12510 HIGH

TwinCAT XAR 3.1 - Privilege Escalation

CVE-2020-13351 MEDIUM

GitLab CE/EE 13.0-13.3.9,13.4.0-13.4.5,13.5.0-13.5.2 - Info Disclosure

CVE-2020-24460 MEDIUM

Intel Driver & Support Assistant < 20.8.30.6 - Authenticated Denial of Service via Local Access

CVE-2020-24456 HIGH

Intel(R) Board ID Tool <1.01 - Privilege Escalation

CVE-2020-12346 HIGH

Intel Battery Life Diagnostic Tool < 1.0.7 - Authenticated Privilege Escalation via Installer Permissions

CVE-2020-13770 HIGH

Ivanti Endpoint Manager < 2020.1.1 - Privilege Escalation via Named Pipe Token Impersonation

CVE-2020-12354 HIGH

Intel Active Management Technology SDK < 14.0.0.1 - Privilege Escalation via Windows Installer Permissions

CVE-2020-12307 HIGH

Intel High Definition Audio Driver < 9.21.00.4561 - Authenticated Privilege Escalation via Incorrect Default Permissions

CVE-2020-12306 HIGH

Intel RealSense D400 Series Dynamic Calibration Tool < 2.11 - Privilege Escalation via Incorrect Default Permissions

CVE-2020-26809 MEDIUM

SAP Commerce Cloud <2005 - Auth Bypass

CVE-2020-26807 LOW

SAP ERP Client for E-Bilanz <1.0 - Info Disclosure

Previous Page 46 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy