Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2020-6497 MEDIUM

Google Chrome on iOS < 83.0.4103.88 - Domain Spoofing via Crafted URI

CVE-2020-6495 MEDIUM

Google Chrome < 83.0.4103.97 - Sandbox Escape via Malicious Extension

CVE-2020-2197 MEDIUM

Jenkins Project Inheritance Plugin < 19.08.02 - Unauthenticated Job Configuration Exposure via XML Format

CVE-2020-2191 MEDIUM

Jenkins Self-Organizing Swarm Modules Plugin < 3.20 - Unauthenticated Agent Label Manipulation via API Endpoints

CVE-2020-6488 MEDIUM

Google Chrome < 83.0.4103.61 - Insufficient Policy Enforcement in Downloads

CVE-2020-6487 MEDIUM

Google Chrome < 83.0.4103.61 - Insufficient Policy Enforcement in Downloads

CVE-2020-6484 MEDIUM

Google Chrome < 83.0.4103.61 - Navigation Restriction Bypass via ChromeDriver Request

CVE-2020-6483 MEDIUM

Google Chrome < 83.0.4103.61 - Insufficient Policy Enforcement in Payments

CVE-2020-6482 MEDIUM

Google Chrome < 83.0.4103.61 - Insufficient Policy Enforcement in Developer Tools

CVE-2020-6480 MEDIUM

Google Chrome < 83.0.4103.61 - Insufficient Policy Enforcement in Enterprise Navigation Restrictions

CVE-2020-6476 MEDIUM

Google Chrome < 83.0.4103.61 - Insufficient Policy Enforcement in Tab Strip

CVE-2020-6471 CRITICAL

Google Chrome < 83.0.4103.61 - Sandbox Escape via Malicious Extension

CVE-2020-6469 CRITICAL

Google Chrome < 83.0.4103.61 - Sandbox Escape via Malicious Extension

CVE-2020-13240 MEDIUM

Dolibarr 11.0.4 - Stored Cross-Site Scripting via File Extension Bypass

CVE-2020-11716 CRITICAL

Panasonic Eluga and P110 Firmware < 2020-04-10 - Insecure Default Permissions

CVE-2020-9409 CRITICAL

TIBCO JasperReports Server < 7.1.1 - Unauthenticated Privilege Escalation to Superuser

CVE-2020-13149 HIGH

Dragon Center <2.6.2003.2401 - Privilege Escalation

CVE-2020-12834 CRITICAL

eQ-3 Homematic CCU2 < 2.51.6 & CCU3 < 3.51.6 - RCE via ReGa.runScript JSON API

CVE-2020-0024 HIGH

Android 8.0-10 - Unauthorized Setting Modification via SettingsBaseActivity Permissions Bypass

CVE-2020-4259 MEDIUM

IBM Sterling File Gateway 2.2.0.0-2.2.6.5_1 - Authenticated Privilege Escalation via Cookie Manipulation

CVE-2020-5896 HIGH

BIG-IP Edge Client <7.1.10 - Info Disclosure

CVE-2020-12608 HIGH

SolarWinds MSP PME <1.1.15 - Code Execution

CVE-2020-2183 MEDIUM

Jenkins Copy Artifact Plugin < 1.43.1 - Unauthenticated Artifact Access via Improper Permission Checks

CVE-2020-8018 HIGH

SUSE Linux Enterprise Server <15 SP1 - Privilege Escalation

CVE-2020-12101 MEDIUM

xt:Commerce 5.1-6.2.2 - Authenticated Address Deletion via ID Manipulation

Previous Page 50 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy