CWE-276 vulnerabilities

905 results
CVE-2020-13537 | CRITICAL | An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depen | EPSS 0.5%
CVE-2025-24399 | HIGH | Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-ins | EPSS 0.5%
CVE-2025-49843 | LOW | conda-smithy Has Incorrect Default File Permissions | EPSS 0.5%
CVE-2020-13540 | CRITICAL | An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install dire | EPSS 0.5%
CVE-2024-39347 | MEDIUM | Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 | EPSS 0.5%
CVE-2023-46743 | HIGH | The same file cannot be opened with different rights | EPSS 0.5%
CVE-2023-23848 | MEDIUM | Missing permission checks in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allow attackers with Overall/Read permission to connect to a | EPSS 0.5%
CVE-2025-30706 | HIGH | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 9.0.0-9.2. | EPSS 0.5%
CVE-2024-44760 | CRITICAL | Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allow | EPSS 0.5%
CVE-2024-9947 | HIGH | ProfilePress - Pro <= 4.11.1 - Authentication Bypass via WordPress.com OAuth provider | EPSS 0.5%
CVE-2023-23850 | MEDIUM | A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate | EPSS 0.5%
CVE-2023-32999 | MEDIUM | A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an att | EPSS 0.5%
CVE-2024-48823 | CRITICAL | Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to es | EPSS 0.5%
CVE-2024-44786 | HIGH | Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address books via unspecified vectors. | EPSS 0.5%
CVE-2021-36400 | MEDIUM | In Moodle, insufficient capability checks made it possible to remove other users' calendar URL subscriptions. | EPSS 0.5%
CVE-2020-13552 | HIGH | An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation | EPSS 0.5%
CVE-2019-9579 | HIGH | An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have uni | EPSS 0.5%
CVE-2020-13555 | HIGH | An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation | EPSS 0.5%
CVE-2020-13553 | HIGH | An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation | EPSS 0.5%
CVE-2022-0997 | LOW | Local Privilege Escalation Vulnerability in Fidelis Network and Deception | EPSS 0.5%