Weaknesses of type CWE-732
690 resultsCVE-2025-26469CRITICALAn incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3EPSS 0.5%CVE-2022-22521HIGHPrivilege Escalation in Miele Benchmark Programming ToolEPSS 0.5%CVE-2023-22326MEDIUMiControl REST and tmsh vulnerabilityEPSS 0.5%CVE-2024-29964MEDIUMBrocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker filesEPSS 0.5%CVE-2026-29516MEDIUMBuffalo TeraStation TS5400R Excessive File Permissions Information DisclosureEPSS 0.5%CVE-2024-5163CRITICALImproper permission settings in com.transsion.carlcareEPSS 0.5%CVE-2023-30512MEDIUMCubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thEPSS 0.5%CVE-2023-32979MEDIUMJenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with OverallEPSS 0.5%CVE-2022-33163MEDIUMIBM Security Directory Suite VA information disclosureEPSS 0.5%CVE-2025-46093CRITICALLiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as EPSS 0.5%CVE-2023-4332—Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log fileEPSS 0.5%CVE-2025-58372HIGHRoo Code: Potential Remote Code Execution via .code-workspaceEPSS 0.5%CVE-2021-3631—A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to aEPSS 0.5%CVE-2024-12255MEDIUMAccept Stripe Payments Using Contact Form 7 <= 2.5 - Unauthenticated Information ExposureEPSS 0.5%CVE-2022-24769MEDIUMDefault inheritable capabilities for linux container should be emptyEPSS 0.5%CVE-2022-30354HIGHOvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserWithTeam. AuthenticatiEPSS 0.5%CVE-2024-6435HIGHRockwell Automation Privilege Escalation Vulnerability in Pavilion8®EPSS 0.5%CVE-2026-29188CRITICALFile Browser: TUS Delete Endpoint Bypasses Delete Permission CheckEPSS 0.5%CVE-2024-10018CRITICALImproper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.EPSS 0.5%CVE-2025-25373CRITICALThe Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the EPSS 0.5%