CWE-276 (缺省权限不正确) — Vulnerability Class 447

447 vulnerabilities classified as CWE-276 (缺省权限不正确). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-40396	Advantech 安全漏洞 — n/a	8.8	-	2022-01-28
CVE-2021-40397	Advantech 安全漏洞 — n/a	7.8	-	2022-01-28
CVE-2021-40389	Advantech 安全漏洞 — n/a	8.8	-	2022-01-28
CVE-2021-40388	Advantech 安全漏洞 — n/a	8.8	-	2022-01-28
CVE-2021-41166	Permission bypass in Nextcloud Android App — security-advisories	4.3	Medium	2022-01-26
CVE-2022-21704	Incorrect Default Permissions in log4js-node — log4js-node	5.5	Medium	2022-01-19
CVE-2021-36781	parsec: dangerous 777 permissions for /run/parsec — Factory	5.9	Medium	2022-01-14
CVE-2021-21911	Advantech R-SeeNet 安全漏洞 — Advantech	7.8	-	2021-12-22
CVE-2021-21912	Advantech R-SeeNet 安全漏洞 — Advantech	7.8	-	2021-12-22
CVE-2021-21910	Advantech R-SeeNet 安全漏洞 — Advantech	7.8	-	2021-12-22
CVE-2021-21957	Dream Report ODS Remote Connector 安全漏洞 — Dream Report	7.8	-	2021-12-08
CVE-2021-3720	Legion Phone Pro（L79031）和Legion Phone2 Pro（L70081）上时间天气系统小部件安全漏洞 — Legion Phone Pro (L79031)	5.5	Medium	2021-11-12
CVE-2021-3579	Incorrect Default Permissions vulnerability in bdservicehost.exe and Vulnerability.Scan.exe — ENdpoint Security Tools for Windows	7.8	High	2021-10-28
CVE-2021-20037	SonicWall Global VPN client 安全漏洞 — SonicWall Global VPN Client	7.8	-	2021-09-21
CVE-2020-5353	DELL Dell EMC Isilon OneFS 和 EMC PowerScale 安全漏洞 — Isilon OneFS	8.8	High	2021-07-29
CVE-2020-26180	Dell EMC Isilon OneFS 和 EMC PowerScale 权限许可和访问控制问题漏洞 — PowerScale OneFS	6.3	Medium	2021-07-28
CVE-2020-29503	Dell EMC PowerStore 安全漏洞 — PowerStore	4.1	Medium	2021-07-19
CVE-2021-31998	inn: %post calls user owned file allowing local privilege escalation to root — SUSE Linux Enterprise Server 11-SP3	6.8	Medium	2021-06-10
CVE-2020-13599	Security problem with settings and littlefs — zephyr	3.3	Low	2021-05-24
CVE-2021-25317	cups: ownership of /var/log/cups allows the lp user to create files as root — SUSE Linux Enterprise Server 11-SP4-LTSS	3.3	Low	2021-05-05
CVE-2021-25319	virtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group — Factory	7.8	High	2021-05-05
CVE-2021-3451	Lenovo PCManager 安全漏洞 — PCManager	5.5	Medium	2021-04-27
CVE-2021-0235	Junos OS: SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series: In a multi-tenant environment, a tenant host administrator may configure logical firewall isolation affecting other tenant networks — Junos OS	7.3	High	2021-04-22
CVE-2021-3462	Lenovo Power Management 安全漏洞 — Power Management Driver for Windows 10	5.5	Medium	2021-04-13
CVE-2020-27228	OpenClinic GA 安全漏洞 — OpenClinic	7.8	-	2021-04-13
CVE-2020-13532	Ocean Data Systems Dream Report 5 R20-2 安全漏洞 — Dream Report	7.8	-	2021-04-09
CVE-2020-13533	Ocean Data Systems Dream Report 5 R20-2 安全漏洞 — Dream Report	7.3	-	2021-04-09
CVE-2020-13534	Ocean Data Systems Dream Report 5 R20-2 安全漏洞 — Dream Report	7.8	-	2021-04-09
CVE-2020-8357	Lenovo Pcmanager 安全漏洞 — PCManager	5.5	Medium	2021-03-09
CVE-2020-13554	多款Advantech产品安全漏洞 — Advantech	8.8	-	2021-03-03

Vulnerabilities classified as CWE-276 (缺省权限不正确) represent 447 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-276 (缺省权限不正确) — Vulnerability Class 447