CWE-276: CWE-276

This vulnerability involves incorrect default permissions in Intel oneAPI DPC++/C++ Compiler installers, allowing authenticated local users to potenti...

This vulnerability involves incorrect default permissions in some Intel Graphics Driver installers, allowing authenticated local users to potentially ...

This CVE describes a local privilege escalation vulnerability in Acronis Cyber Protect Cloud Agent for Windows due to insecure file permissions. Attac...

This vulnerability in Intel RealSense SDK software allows authenticated local users to escalate privileges due to incorrect default permissions. It af...

This vulnerability allows authenticated local users to escalate privileges due to incorrect default permissions in Intel Graphics Driver installers. A...

This vulnerability in Intel DSA installer for Windows allows authenticated local users to escalate privileges due to incorrect default permissions. At...

This CVE describes a local privilege escalation vulnerability in Acronis Snap Deploy for Windows due to insecure folder permissions. Attackers with lo...

Xerox Workplace Suite has insecure default folder permissions that allow unauthorized users to access, modify, or delete files within the application'...

This vulnerability in Intel Distribution for Python allows authenticated local users to escalate privileges due to incorrect default file permissions....

This vulnerability in Intel Binary Configuration Tool for Windows allows authenticated local users to escalate privileges due to incorrect default per...

This vulnerability allows authenticated administrators in Mitel MiCollab's NuPoint Messenger component to escalate privileges and execute arbitrary co...

This vulnerability in Intel Distribution for GDB software allows authenticated local users to escalate privileges due to incorrect default permissions...

This vulnerability allows authenticated users with local access to escalate privileges due to incorrect default permissions in Intel Connectivity Perf...

This vulnerability allows attackers with administrative access to install unauthorized applications on affected Toshiba multifunction printers. It aff...

This vulnerability allows authenticated users with local access to Intel Server Boards to escalate privileges due to incorrect default permissions in ...

An improper default permission vulnerability in Lenovo Dock Manager allows authenticated local users to redirect log files with elevated privileges du...

Kaminari pagination library for Ruby on Rails has insecure file permissions that could allow unauthorized write access to specific Ruby files. This co...

CVE-2025-15339 is an incorrect default permissions vulnerability in Tanium Discover that allows unauthorized users to access sensitive information. Th...

CVE-2025-15340 is an incorrect default permissions vulnerability in Tanium Comply that allows unauthorized users to access or modify security complian...

CVE-2025-15341 is an incorrect default permissions vulnerability in Tanium Benchmark that allows unauthorized users to access sensitive configuration ...

CVE-2025-15343 is an incorrect default permissions vulnerability in Tanium Enforce that allows local users to gain elevated privileges. This affects o...

CVE-2025-15336 is an incorrect default permissions vulnerability in Tanium Performance that allows authenticated users to access or modify resources t...

CVE-2025-15337 is an incorrect default permissions vulnerability in Tanium Patch that allows unauthorized users to access or modify patch management d...

CVE-2025-15338 is an incorrect default permissions vulnerability in Tanium Partner Integration that allows unauthorized access to sensitive functional...

This CVE describes a privacy vulnerability in Apple operating systems where applications could fingerprint users by accessing sensitive data. The issu...

An attacker with low-privileged remote access can trigger a watchdog reboot on affected PLC devices due to incorrect default permissions on a configur...

This vulnerability allows files received via AirDrop to bypass macOS/iOS quarantine flagging, which normally warns users about potentially unsafe file...

This vulnerability in Microsoft Edge (Chromium-based) allows an attacker to potentially access sensitive information from the browser's memory or proc...

A container privilege escalation vulnerability in CodeReady Workspaces images allows attackers with container command execution to modify the /etc/pas...

This vulnerability allows attackers with non-root access inside affected containers to modify the /etc/passwd file due to insecure group-writable perm...

This vulnerability allows local attackers to access Galaxy Watch Gallery data due to incorrect default permissions. It affects Samsung Galaxy Watch de...

This vulnerability involves improper access permissions in Huawei's HDC module, allowing unauthorized access to sensitive service data. It affects Hua...

This vulnerability in IBM Security Access Manager Docker allows local users to access sensitive information within the container due to incorrect defa...

This CVE describes an improper permissions vulnerability in Kubernetes clusters with Windows nodes. BUILTIN\Users can read container logs and NT AUTHO...

This vulnerability in libcontainer allows tenant containers to inherit capabilities from the main container, potentially leading to privilege escalati...

This vulnerability allows local users on Unix-like systems to view and modify shared memory containing mod_jk configuration due to incorrect default p...

This vulnerability allows man-in-the-middle attackers to bypass firewall protections and access sensitive internal network resources on Synology route...

This CVE describes an incorrect default permissions vulnerability in Unifier and Unifier Cast software that allows local attackers to execute arbitrar...

The Icinga 2 MSI installer on Windows sets overly permissive folder permissions, allowing all local users to read sensitive files including private ke...

A permissions vulnerability in macOS allows applications to bypass intended restrictions and access sensitive user data. This affects users running ma...

This vulnerability exposes the Wazuh agent authentication password file to all authenticated users on Windows systems, allowing local attackers to rea...

This vulnerability in libvirt allows unprivileged users to read snapshots of shut-down virtual machines, exposing guest OS contents. It affects system...

This vulnerability allows local attackers to access sensitive SSL keys, passwords, and policy files due to overly permissive file permissions in Contr...

This vulnerability in Velociraptor allows users with COLLECT_CLIENT permissions (typically Investigator role) to execute the Admin.Client.UpdateClient...

Dell Recover Point for Virtual Machines 6.0.X has weak file system permissions that allow local low-privileged attackers to access non-sensitive resou...

This vulnerability in HPE Data Management Framework (DMF) Suite (CXFS) allows unauthorized local or cluster access depending on configuration. It affe...

Dell Secure Connect Gateway 5.24 has incorrect default file permissions that allow local low-privileged attackers to access the file system. This coul...

A local privilege escalation vulnerability in Lenovo's Dolby Vision Provisioning software allows attackers to read arbitrary files with elevated privi...

This CVE describes a macOS permissions vulnerability where applications can bypass file system protections to modify restricted areas. It affects macO...

This CVE describes a macOS permissions vulnerability that allows applications to modify protected areas of the file system. The issue affects macOS sy...