CWE-277: CWE-277

This vulnerability allows remote attackers to execute arbitrary code on systems running eXtplorer File Manager version 2.1.15 due to insecure permissi...

This vulnerability allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges on systems running vulnerable versions of the Ent...

This vulnerability in Pulp's role-based access control system incorrectly assigns object permissions when objects are created within tasks. Instead of...

This CVE describes a privilege escalation vulnerability in macOS where a malicious application could exploit a logic issue to gain root privileges. It...

This vulnerability in macOS allows malicious applications to abuse entitlements and privacy permissions granted to legitimate apps. Attackers could po...

This CVE describes an insecure permissions vulnerability in lin-CMS v0.2.0 and earlier that allows remote attackers to access sensitive information th...

This vulnerability allows authenticated attackers to write arbitrary files on mobility conductors running AOS-10 or AOS-8, potentially leading to remo...

This vulnerability allows malicious applications to bypass macOS Privacy preferences on Intel-based Mac computers by exploiting a downgrade issue in c...

CVE-2025-32797 is a local privilege escalation vulnerability in conda-build where the temporary build script conda_build.sh is created with overly per...

This vulnerability in Intel Rapid Storage Technology Application allows local authenticated attackers to escalate privileges through insecure inherite...

IBM Security Guardium 12.1 contains a local privilege escalation vulnerability where a user with existing local privileges can exploit insecure inheri...

This vulnerability in Intel DSA software allows authenticated local users to escalate privileges due to insecure inherited permissions. It affects sys...

This vulnerability in Intel CIP software allows authenticated local users to escalate privileges due to insecure inherited permissions. It affects sys...

Intel Power Gadget for Windows has insecure inherited permissions that allow authenticated local users to escalate privileges. This affects all versio...

This vulnerability allows attackers with local system access to modify files in SAP BusinessObjects Business Intelligence Platform due to insecure fil...

This vulnerability in IBM Storage Scale allows authenticated users to access sensitive files through insecure SMB protocol permissions. It affects IBM...

Insecure inherited permissions in Intel Simics Package Manager before version 1.12.0 allow authenticated local users to potentially cause denial of se...

A permissions vulnerability in macOS allows applications to bypass intended restrictions and access protected user data. This affects macOS systems ru...

This vulnerability allows an app to bypass privacy preferences on Apple devices, potentially accessing sensitive user data without proper consent. It ...

This vulnerability in SpiceDB causes missing LookupResources results when checking permissions defined with specific union relationships in schemas. I...

This vulnerability in django-helpdesk allows sensitive data exposure due to improper file permission settings. The os.umask(0) call in models.py creat...

Open OnDemand creates world-writable directories in the GEM_PATH environment variable, allowing any user on the system to modify Ruby gem files. This ...