CWE-732: CWE-732
All CWE-732 CVEs (307)
The PowerPack Pro for Elementor WordPress plugin allows authenticated attackers with contributor-level access or higher to escalate privileges to admi... (Jun 8, 2024)
This vulnerability allows authenticated users to upload arbitrary CGI-compatible files through a certificate upload utility and execute them with root... (Jan 12, 2024)
This vulnerability in PHPJabbers Car Rental Script 3.0 allows remote attackers to take over user accounts by changing email addresses and passwords wi... (Aug 28, 2023)
CVE-2023-31874 is a critical vulnerability in Yank Note 3.52.1 that allows arbitrary code execution when a malicious file is opened. Attackers can exp... (May 29, 2023)
The Jenkins File Parameter Plugin vulnerability allows attackers with Item/Configure permission to write arbitrary files with attacker-controlled cont... (May 16, 2023)
This vulnerability in Ovarro TBox devices allows attackers to read, modify, or delete configuration files via Modbus file access functions. This affec... (Jul 28, 2022)
Mini-Tmall v1.0 has insecure permissions in tomcat-embed-jasper that allow attackers to bypass authentication and access sensitive files or execute ar... (Jul 6, 2022)
Sunnet eHRD has a broken access control vulnerability that allows authenticated general users to access the account management page and escalate privi... (Dec 1, 2021)
This vulnerability in Multipass for macOS allows local privilege escalation due to incorrect directory ownership. An attacker with local access can mo... (Oct 1, 2021)
This vulnerability in Elastic Enterprise Search App Search allows API keys to access engines beyond their intended scope. A less privileged user could... (Sep 15, 2021)
CVE-2021-35508 is a privilege escalation vulnerability in TeraRecon AQNetClient's NMSAccess32.exe service that allows low-privileged users to execute ... (Sep 1, 2021)
CVE-2020-18121 is a configuration vulnerability in Indexhibit CMS that allows authenticated attackers to modify PHP files, potentially leading to remo... (Aug 30, 2021)
CVE-2021-38557 allows attackers to execute arbitrary commands as root on RaspAP 2.6.6 installations. The vulnerability exists because the www-data use... (Aug 24, 2021)
This vulnerability in Siemens industrial control software allows attackers to modify configuration metafiles due to improper write permissions. By man... (Jul 13, 2021)
This vulnerability allows a low-privileged attacker with local Windows access to insert malicious files into TIBCO software installations, which then ... (Jun 29, 2021)
CVE-2017-17677 allows authenticated users with report creation privileges in BMC Remedy to execute arbitrary code through BIRT templates. This affects... (May 19, 2021)
Soyal Technology 701Client 9.0.1 has insecure file permissions on its client.exe binary, granting the Authenticated Users group full control. This all... (Apr 27, 2021)
This vulnerability allows low-privileged users in Advantech WebAccess/SCADA to reset administrator passwords and gain full system control through priv... (Apr 26, 2021)
CVE-2020-24263 is an insecure permissions vulnerability in Portainer that allows non-admin users to create Docker containers with dangerous capabiliti... (Mar 16, 2021)
This vulnerability in SAP BusinessObjects Business Intelligence platform allows administrators to generate or retrieve a secret passphrase that enable... (Feb 11, 2025)
CVE-2025-12985 is a privilege escalation vulnerability in IBM Licensing Operator where incorrect file permissions allow local attackers to gain root p... (Jan 20, 2026)
Wondershare MirrorGo 2.0.11.346 has insecure file permissions on ElevationService.exe, allowing local unprivileged users to replace it with malicious ... (Dec 22, 2025)
This vulnerability exposes SQL Server database and configuration files through insecure Windows share permissions in NMIS/BioDose networked installati... (Dec 2, 2025)
This vulnerability allows local privilege escalation to root within containers running vulnerable IBM Transformation Advisor Operator Catalog images. ... (Sep 3, 2025)
CVE-2021-22284 is an incorrect permission assignment vulnerability in ABB's OPC Server for AC 800M that allows attackers to execute arbitrary code on ... (Feb 4, 2022)
This vulnerability in NMIS/BioDose V22.02 and earlier allows attackers with database access to execute arbitrary code through SQL Server stored proced... (Dec 2, 2025)
A low-privileged attacker can remotely access the PKI folder in CODESYS Control runtime systems, allowing them to read/write certificates and keys. Th... (Aug 4, 2025)
This vulnerability allows local attackers to escalate privileges on systems running affected versions of B&R Industrial Automation Automation Studio. ... (Feb 2, 2024)
This vulnerability in Intel QAT drivers for Windows allows authenticated local users to escalate privileges by exploiting incorrect permission assignm... (May 10, 2023)
This CVE allows a local authenticated low-privileged attacker to copy malicious files into existing Docker containers on Juniper Junos OS Evolved syst... (Apr 17, 2023)
CVE-2021-32101 is an incorrect access control vulnerability in OpenEMR's Patient Portal that allows unauthenticated attackers to register accounts and... (May 7, 2021)
This vulnerability allows local privilege escalation to root on Linux and macOS systems running IXON VPN Client versions before 1.4.4. A low-privilege... (May 7, 2025)
This vulnerability in Oracle Agile PLM Framework allows authenticated attackers with low privileges to access sensitive data or cause denial of servic... (Jan 21, 2025)
This vulnerability allows authenticated users in Devolutions Remote Desktop Manager to request temporary permissions on entries and receive higher pri... (Dec 4, 2024)
This vulnerability in Apache Ranger Hive Plugin allows users with only SELECT privilege on a database to alter table ownership in Hive when the plugin... (May 5, 2023)
This vulnerability in PHP-Fusion allows authenticated attackers to cause a Distributed Denial of Service (DDoS) via the polling feature. Attackers wit... (Feb 17, 2023)
CVE-2022-24872 is an incorrect permission assignment vulnerability in Shopware where permissions granted via admin API in sales channel context remain... (Apr 20, 2022)
This vulnerability allows non-administrator users on Windows systems to access the Splunk Enterprise installation directory and all its contents after... (Dec 3, 2025)
This vulnerability allows non-administrator users on Windows systems to access the Splunk Universal Forwarder installation directory and all its conte... (Dec 3, 2025)
NMIS/BioDose V22.02 and earlier versions have insecure default file permissions in their installation directories. This allows client workstation user... (Dec 2, 2025)
This vulnerability allows non-administrator users on Windows systems to access the Splunk Universal Forwarder installation directory and all its conte... (Jun 2, 2025)
An admin with knowledge of another tenant's 128-bit connector GUID can execute debug commands on that connector in Akamai Enterprise Application Acces... (Jan 29, 2025)
This vulnerability allows network-adjacent authenticated attackers to modify device configuration due to incorrect permission assignments in ZWX-2000C... (Aug 5, 2024)
RoboDK versions 5.5.3 and prior have insecure directory permissions that allow local users to write files to the RoboDK process. This enables privileg... (Mar 28, 2023)
CVE-2026-26101 is an incorrect permission assignment vulnerability in Owl opds 2.2.0.4 that allows attackers to manipulate files through crafted netwo... (Feb 20, 2026)
NextVPN 4.10 has insecure file permissions that allow local users to modify executable files with full access rights. Attackers can replace system exe... (Feb 12, 2026)
TeamSpeak 3.5.6 has insecure file permissions that allow local attackers to replace executable files with malicious binaries. This enables privilege e... (Jan 13, 2026)
This vulnerability allows local attackers to perform unauthorized raw disk operations due to an incorrect NULL DACL in SevenCs ORCA G2's regService pr... (Dec 31, 2025)
This vulnerability allows local attackers with initial low-privileged access to escalate privileges to SYSTEM level by exploiting incorrect folder per... (Dec 23, 2025)
BuhoNTFS version 1.3.2 contains an insecure XPC service that allows local, unprivileged users to execute arbitrary code with root privileges. This aff... (Dec 12, 2025)
About CWE-732 (CWE-732)
Our database tracks 307 CVEs classified as CWE-732, with 39 rated critical and 205 rated high severity. The average CVSS score for CWE-732 vulnerabilities is 7.7.
External reference: View CWE-732 on MITRE CWE →