Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-280

CWE-280

Improper Handling of Insufficient Permissions or Privileges

Parent: CWE-755 - Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.

144 vulnerabilities with CWE-280

CVE-2022-30724 MEDIUM

Bluetooth <SMR Jun-2022 Release 1 - Info Disclosure

CVE-2022-30723 MEDIUM

Bluetooth <SMR Jun-2022 Release 1 - Info Disclosure

CVE-2022-30716 MEDIUM

Android - Unprotected Toast Message Exposure via DisplayToast Broadcast

CVE-2022-27167 HIGH

ESET Windows Products < 15.1.12.0 - Privilege Escalation via Repair/Uninstall Features

CVE-2022-22292 HIGH

Telecom <SMR Feb-2022 Release 1 - Privilege Escalation

CVE-2022-21814 MEDIUM

NVIDIA GPU Display Driver for Linux - Denial of Service via Improper Permission Handling

CVE-2021-37851 HIGH

ESET Windows Products - Local Privilege Escalation via Installer Repair Feature

CVE-2021-37175 MEDIUM

Siemens RUGGEDCOM ROX Firmware < 2.14.1 - Unauthenticated Directory Traversal

CVE-2021-38312 HIGH

Gutenberg Template Library & Redux Framework <= 4.2.11 - Auth Bypass

CVE-2020-10072 MEDIUM

zephyr >=1.14.2, >=2.2.0 - Privilege Escalation

CVE-2020-29031 HIGH

GateManager < 9.2c - Authenticated Privilege Escalation via Password Reset

CVE-2020-26195 MEDIUM

Dell EMC PowerScale OneFS 8.1.2-9.1.0 - Unauthenticated Denial of Service via SMB Directory Auto-Create

CVE-2020-3427 MEDIUM

Windows Logon <4.1.2 - Privilege Escalation

CVE-2020-8219 HIGH

Pulse Connect Secure <9.1R8 - Privilege Escalation

CVE-2020-8117 MEDIUM

Nextcloud Server <14.0.3 - Info Disclosure

CVE-2019-17437 HIGH

PAN-OS 7.1.0-7.1.24 - Authenticated Privilege Escalation

CVE-2019-13415 MEDIUM

Search Guard <24.3 - Info Disclosure

CVE-2019-6570 HIGH

SINEMA Remote Connect Server < 2.0 - Insufficient Permission Check

CVE-2012-4550 MEDIUM

JBoss EAP <6.0.1 - Privilege Escalation

Previous Page 6 of 6

Details

Vulnerabilities 144

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy