
CWE-276 (Incorrect Default Permissions) — Vulnerability Class 447

447 vulnerabilities classified as CWE-276 (Incorrect Default Permissions). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2023-4091 | Samba: smb clients can truncate files with read-only permissions — Red Hat Enterprise Linux 8 | 6.5 | Medium | 2023-11-03 |
| CVE-2022-4575 | Lenovo ThinkPad security vulnerability — ThinkPad BIOS | 6.7 | Medium | 2023-10-30 |
| CVE-2023-3112 | Lenovo ThinkPad T14 Gen 3 security vulnerability — Elliptic Labs Virtual Lock Sensor | 7.8 | High | 2023-10-24 |
| CVE-2023-35181 | SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability — Access Rights Manager | 7.8 | High | 2023-10-19 |
| CVE-2023-35183 | SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability — Access Rights Manager | 7.8 | High | 2023-10-19 |
| CVE-2023-45690 | Information leak via default file permissions on Titan MFT and Titan SFTP servers — Titan MFT | 6.5 | - | 2023-10-16 |
| CVE-2023-44194 | Junos OS: An unauthenticated attacker with local access to the device can create a backdoor with root privileges — Junos OS | 8.4 | High | 2023-10-12 |
| CVE-2022-3431 | Lenovo Notebook security vulnerability — BIOS | 6.7 | Medium | 2023-10-09 |
| CVE-2023-3440 | File and Directory Permission Vulnerability in JP1/Performance Management — JP1/Performance Management - Manager | 8.4 | High | 2023-10-03 |
| CVE-2023-44157 | Acronis Cyber Protect security vulnerability — Acronis Cyber Protect 15 | 7.8 | - | 2023-09-27 |
| CVE-2022-4039 | Rhsso-container-image: unsecured management interface exposed to adjacent network — RHEL-8 based Middleware Containers | 8.0 | High | 2023-09-22 |
| CVE-2023-5042 | Acronis Cyber Protect security vulnerability — Acronis Cyber Protect Home Office | 7.5 | - | 2023-09-20 |
| CVE-2023-4088 | Malicious Code Execution Vulnerability in FA Engineering Software Products — GX Works3 | 9.3 | Critical | 2023-09-20 |
| CVE-2022-3466 | Cri-o: security regression of cve-2022-27652 — Red Hat OpenShift Container Platform 4.12 | 4.8 | Medium | 2023-09-15 |
| CVE-2023-4664 | Privilege Escalation in Saphira Connect — Saphira Connect | 8.8 | High | 2023-09-15 |
| CVE-2023-37878 | Insecure Default Permissions in Wing FTP Server <= 7.2.0 — Wing FTP Server | 6.1 | Medium | 2023-09-12 |
| CVE-2023-2737 | Improper securing of log directory may allow a denial of service — SafeNet Authentication Service Agent | 5.7 | Medium | 2023-08-16 |
| CVE-2023-32492 | Dell PowerScale OneFS security vulnerability — PowerScale OneFS | 5.3 | Medium | 2023-08-16 |
| CVE-2022-43701 | Insecure directory permissions on installer files — Arm Compiler 5 (AC5), Arm Compiler for Embedded 6 (AC6), Fast Models (FM), Arm Compiler for Embedded FuSA (ACEF), Arm Development Studio (ADS), Arm Forge (AF), Arm Mobile Studio (AMS), DS-5 Development Studio, Fast Models (FM), GNU Toolchain (GT), Keil MDK (KMDK), Mbed Studio (MS) | 8.4 | - | 2023-07-27 |
| CVE-2023-3323 | Code Execution through overwriting project file on zenon engineering studio system — ABB Ability™ zenon | 5.9 | Medium | 2023-07-24 |
| CVE-2020-36695 | File and Directory Permission Vulnerability in Hitachi Command Suite — Hitachi Device Manager | 6.6 | Medium | 2023-07-18 |
| CVE-2023-29131 | Siemens SIMATIC CN 4100 security vulnerability — SIMATIC CN 4100 | 7.4 | High | 2023-07-11 |
| CVE-2023-32183 | openSUSE Tumbleweed security vulnerability — Tumbleweed | 7.8 | High | 2023-07-07 |
| CVE-2023-20178 | Cisco AnyConnect Secure Mobility Client for Windows security vulnerability — Cisco Secure Client | 7.8 | High | 2023-06-28 |
| CVE-2022-33877 | Fortinet FortiClient security vulnerability — FortiConverter | 6.8 | High | 2023-06-13 |
| CVE-2022-4569 | ThinkPad Hybrid USB-C with USB-A Dock Firmware Update Tool security vulnerability — ThinkPad Hybrid USB-C with USB-A Dock Firmware Update Tool | 7.8 | High | 2023-06-05 |
| CVE-2023-28079 | Dell PowerPath Management Appliance security vulnerability — PowerPath Windows | 7.0 | High | 2023-05-30 |
| CVE-2023-32698 | nfpm vulnerable to Incorrect Default Permissions — nfpm | 7.1 | High | 2023-05-30 |
| CVE-2023-28724 | NGINX Management Suite vulnerability — NGINX Instance Manager | 7.1 | High | 2023-05-03 |
| CVE-2022-4568 | Lenovo System Update security vulnerability — Lenovo System Update | 7.0 | High | 2023-05-01 |

Vulnerabilities classified as CWE-276 (Incorrect Default Permissions) represent 447 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.