Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2020-10792 HIGH

openITCOCKPIT <= 3.7.2 - Unauthenticated Configuration Manipulation via HTTP Host Header

CVE-2020-0514 HIGH

Intel Graphics Driver < 15.45.30.5103 - Authenticated Privilege Escalation via Installer Default Permissions

CVE-2020-0508 HIGH

Intel Graphics Driver < 15.33.49.5100 - Authenticated Privilege Escalation via Incorrect Default Permissions

CVE-2020-9543 HIGH

OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 - Unauthorized Resource Access via UUID Lookup

CVE-2020-7943 HIGH

Puppet Server <6.9.2 & 5.3.12 - Info Disclosure

CVE-2020-9408 HIGH

Tibco Spotfire Analytics Platform For... - Incorrect Default Permissions

CVE-2020-5342 HIGH

Dell Digital Delivery < 3.5.2015 - Authenticated Privilege Escalation via Incorrect Default Permissions

CVE-2020-3838 HIGH

iPadOS < 13.3.1 - Privilege Escalation via Incorrect Default Permissions

CVE-2020-9039 CRITICAL

Couchbase Server 4.0.0-4.6.5, 5.0.0, 5.1.1, 5.5.0-5.5.1 - Unauthenticated Insecure Permissions

CVE-2020-0564 HIGH

Intel RWC3 < 7.010.009.000 - Authenticated Privilege Escalation via Installer Permissions

CVE-2020-0562 HIGH

Intel RWC2 - Incorrect Default Permissions

CVE-2020-0560 HIGH

Intel Renesas Electronics USB 3.0 Driver - Incorrect Default Permissions

CVE-2020-2118 MEDIUM

Jenkins Pipeline GitHub Notify Step Plugin < 1.0.4 - Credential ID Enumeration via Form-Related Methods

CVE-2020-2117 MEDIUM

Jenkins Pipeline GitHub Notify Step Plugin < 1.0.4 - Missing Permission Check

CVE-2020-7977 MEDIUM

GitLab EE <12.7.2 - Info Disclosure

CVE-2020-7972 HIGH

GitLab 12.0-12.5.9 - Insecure Default Permissions

CVE-2020-7967 MEDIUM

GitLab EE <12.7.2 - Info Disclosure

CVE-2020-8114 CRITICAL

GitLab EE <12.7.2 - Info Disclosure

CVE-2020-7979 MEDIUM

GitLab EE <12.7.2 - Privilege Escalation

CVE-2020-5231 MEDIUM

Opencast < 7.6 - Improper Authorization via ROLE_COURSE_ADMIN User Creation

CVE-2020-5196 HIGH

Cerberus FTP Server 10.0.0-10.0.17 - Authenticated Permission Bypass via Zip/Unzip Features

CVE-2020-6166 MEDIUM

WordPress Minimal Coming Soon & Maintenance Mode <2.15 - Info Discl...

CVE-2020-0009 MEDIUM

Android - Incorrect Default Permissions in ashmem.c

CVE-2019-20458 HIGH

Epson Expression Home XP255 - Info Disclosure

CVE-2019-20457 CRITICAL

Brother MFC-J491DW C1806180757 - Info Disclosure

Previous Page 52 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy