CWE-279: CWE-279

This vulnerability in Ansible Automation Platform allows read-only OAuth2 API tokens to perform unauthorized write operations on backend services like...

This vulnerability in Intel Tiber Edge Platform's Edge Orchestrator software allows authenticated users with local access to escalate privileges due t...

This vulnerability allows local low-privileged users on servers running OAS services to execute arbitrary code with SYSTEM privileges by creating and ...

Containerd versions before 1.7.29, 2.0.7, 2.1.5, and 2.2.0 create critical directories with overly permissive access controls, allowing group/world re...

This vulnerability allows authenticated local administrators in one context of Cisco ASA multi-context mode to copy files to/from other contexts via S...

The Quartus Prime Pro Installer for Windows fails to verify directory permissions when installing to an existing directory, allowing attackers to pote...

A vulnerability in the rpc.mountd daemon in nfs-utils allows NFSv3 clients to bypass access restrictions defined in /etc/exports. This enables unautho...

This vulnerability allows local attackers to execute the dumpsys command without proper permissions due to a missing permission check in WindowManager...

IBM Aspera Faspex 5 versions 5.0.0 through 5.0.14.1 have inconsistent permissions between the user interface and backend API, allowing users to access...