Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-276

CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276

CVE-2018-9467 CRITICAL

Android - Incorrect Web Origin Determination in UriTest.java getHost()

CVE-2018-9432 HIGH

Android - Local Privilege Escalation via Bluetooth Permission Bypass

CVE-2018-9369 HIGH

Android - Local Privilege Escalation via Fastboot Kernel Command Line Injection

CVE-2018-21061 MEDIUM

Samsung Android N(7.1) and O(8.x) - Unauthenticated Critical Function Execution via Fake Charger

CVE-2018-20090 HIGH

Cloudera Data Science Workbench <1.4.2 - Privilege Escalation

CVE-2018-17860 HIGH

Cloudera CDH 5.x-5.15.1 6.x-6.0.1 - Insecure Default Permissions

CVE-2018-2025 MEDIUM

IBM Spectrum Protect 7.1.0.0-7.1.8.5 - Incorrect Default Permissions in CIT Subdirectory

CVE-2018-19592 HIGH

Corsair Link 4.9.7.35 - Privilege Escalation

CVE-2018-7822 MEDIUM

SoMachine Basic and Modicon M221 < 1.10.0.0 - Unauthorized Access via Incorrect Default Permissions

CVE-2018-13287 MEDIUM

Synology Router Manager < 1.1.7-6941-1 - Authenticated Sensitive Information Exposure via synouser.conf

CVE-2018-13286 MEDIUM

Synology DiskStation Manager < 6.2-23739-1 - Authenticated Sensitive Information Exposure via synouser.conf

CVE-2018-11906 HIGH

Android - Incorrect Default Permissions for ADB and Debug-fs

CVE-2018-9085 MEDIUM

Lenovo and IBM System x Servers - Unprotected Flash Memory Modification via Unset Write Protection Lock Bit

CVE-2018-12441 HIGH

Corsair Utility Engine - Command Injection

CVE-2018-10605 HIGH

Martem TELEM GW6/GWM <2.0.87-4018403-k4 - Privilege Escalation

CVE-2018-14650 MEDIUM

sos-collector - Unprotected Sensitive Data Exposure via Default File Permissions

CVE-2018-8848 HIGH

Philips e-Alert Unit <R2.1 - Privilege Escalation

CVE-2018-12175 HIGH

Intel Distribution for Python <2018 - Privilege Escalation

CVE-2018-12160 MEDIUM

Intel Data Center Migration Center Software <3.1 - Code Injection

CVE-2018-11454 HIGH

SIMATIC STEP 7 and WinCC (TIA Portal) V10-V15 - Unauthenticated Incorrect Default Permissions

CVE-2018-11453 HIGH

Siemens Simatic Step 7 (tia Portal) - Incorrect Permission Assignment

CVE-2018-14335 MEDIUM

H2 <1.4.197 - Info Disclosure

CVE-2018-10604 HIGH

SEL Compass <3.0.5.1 - Privilege Escalation

CVE-2018-6683 HIGH

McAfee Data Loss Prevention Endpoint < 10.0.505 - Local Policy Bypass via Local Policy File Editing

CVE-2018-7535 HIGH

TotalAV 4.1.7-4.6.19 - Unauthenticated Arbitrary File Write via Weak Directory Permissions

Previous Page 57 of 61 Next

Details

Vulnerabilities 1,512

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy