Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-280

CWE-280

Improper Handling of Insufficient Permissions or Privileges

Parent: CWE-755 - Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.

144 vulnerabilities with CWE-280

CVE-2025-31172 HIGH

Kernel Futex - Privilege Escalation

CVE-2025-0468 HIGH

Software installed - Memory Corruption

CVE-2025-0478 HIGH

Software installed - Memory Corruption

CVE-2025-27521 MEDIUM

Huawei HarmonyOS - Improper Access Control

CVE-2025-20649 MEDIUM

MediaTek Software Development Kit < 3.6 - Unauthenticated Information Disclosure via Bluetooth Stack

CVE-2025-24029 MEDIUM

Tuleap < 16.2-7 and < 16.3.99.1737562605 - Unauthenticated Insufficient Permission Enforcement in Dashboard Widget

CVE-2025-22129 MEDIUM

Tuleap < 16.2-5 and < 16.3.99.1736242932 - Unauthorized Information Disclosure

CVE-2025-22395 HIGH

Dell Update Package Framework < 22.01.02 - Local Privilege Escalation and Denial of Service

CVE-2024-55604 MEDIUM

Appsmith < 1.51 - Information Disclosure via Datasource List Access

CVE-2024-8315 MEDIUM

B&R APROL <4.4-00P5 - Info Disclosure

CVE-2024-51459 HIGH

IBM InfoSphere Information Server 11.7 - Privilege Escalation

CVE-2024-6697 MEDIUM

Hitachi Vantara Pentaho <10.2.0.0-9.3.0.9 - DoS

CVE-2024-12430 HIGH

ABB AC500 V3 < 3.8.0 - Authenticated OS Command Injection via Crafted File

CVE-2024-43705 HIGH

GPU Kernel Driver - Info Disclosure

CVE-2024-42194 LOW

HCL BigFix Inventory - Privilege Escalation

CVE-2024-46874 HIGH

Ruijie Reyee OS <2.320 - Privilege Escalation

CVE-2024-43702 HIGH

Imagination Technologies Graphics DDK 1.13 RTM-24.2 - Unprivileged Physical Memory Access via GPU

CVE-2024-4692 LOW

OpenText Application Automation Tools <24.1 - Privilege Escalation

CVE-2024-4211 LOW

OpenText Application Automation Tools - Info Disclosure

CVE-2024-47767 MEDIUM

Tuleap <15.13.99.113, <15.13-5, <15.12-5 - Info Disclosure

CVE-2024-47766 MEDIUM

Tuleap <15.13.99.110, <15.13-5, <15.12-5 - Info Disclosure

CVE-2024-46988 MEDIUM

Tuleap < 15.12-6 and < 15.13.99.40 - Unauthorized Information Disclosure via Email Notifications

CVE-2024-24116 CRITICAL

Ruijie RG-NBS2009G-P - Improper Authentication

CVE-2024-8451 HIGH

PLANET Technology - Privilege Escalation

CVE-2024-6660 HIGH

BookingPress - Privilege Escalation

Previous Page 3 of 6 Next

Details

Vulnerabilities 144

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy