Falhas do tipo CWE-276

905 resultados
CVE-2024-34455HIGHBuildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. A fix was released in 2024.02.2.EPSS 0.7%CVE-2025-27677CRITICALVasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Symbolic Links For Unprivileged FilEPSS 0.7%CVE-2024-22409HIGHDefault Privileges allow for high level operations for low privileged users in datahubEPSS 0.7%CVE-2024-5967LOWKeycloak: leak of configured ldap bind credentials through the keycloak admin consoleEPSS 0.6%CVE-2025-27682CRITICALVasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Insecure Log Permissions V-2022-005.EPSS 0.6%CVE-2021-23166HIGHA sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read and wEPSS 0.6%CVE-2021-3187HIGHAn issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges bEPSS 0.6%CVE-2024-12564MEDIUMExposure of Sensitive Information to an Unauthorized Actor vulnerability in ODA CDE inWEB SDK before 2025.3EPSS 0.6%CVE-2021-4297MEDIUMtrampgeek jobe Restapi.php runs_post Privilege EscalationEPSS 0.6%CVE-2022-46382HIGHRackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has Insecure PermissiEPSS 0.6%CVE-2023-31116CRITICALAn issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause uninteEPSS 0.6%CVE-2024-11088MEDIUMSimple Membership <= 4.5.5 - Exposure of Private Personal Information to an Unauthorized ActorEPSS 0.6%CVE-2020-13541CRITICALAn exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directoryEPSS 0.6%CVE-2023-43984Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated attackers to arbitrarily download user information froEPSS 0.6%CVE-2023-41726HIGHIvanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation VulnerabilityEPSS 0.6%CVE-2023-49338HIGHCouchbase Server 7.1.x and 7.2.x before 7.2.4 does not require authentication for the /admin/stats and /admin/vitals endpoints on TCP port 8EPSS 0.6%CVE-2022-47551MEDIUMApiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issuEPSS 0.6%CVE-2024-32978MEDIUMKaminari Insecure File Permissions VulnerabilityEPSS 0.6%CVE-2025-24891CRITICALDumb Drop has an arbitrary file overwrite and path traversal for root shellEPSS 0.6%CVE-2020-26180MEDIUMDell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with thEPSS 0.6%