Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-276 (缺省权限不正确) — Vulnerability Class 447

447 vulnerabilities classified as CWE-276 (缺省权限不正确). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-34332 AudioCodes Fax/IVR Appliance <= 2.6.23 Insecure Service Control Scripts LPE — AudioCodes Fax/IVR Appliance 7.8AIHighAI2025-11-19
CVE-2025-34333 AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE — AudioCodes Fax/IVR Appliance 7.8AIHighAI2025-11-19
CVE-2025-54990 XWiki AdminTools application doesn't set permissions on the AdminTools space — application-admintools 5.3 Medium2025-11-18
CVE-2025-12792 Canva 安全漏洞 — Canva 3.2 Low2025-11-18
CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots 5.5 Medium2025-11-17
CVE-2025-13131 Sonarr Service Sonarr.Console.exe default permission — Sonarr 7.8 High2025-11-13
CVE-2025-13130 Radarr Service Radarr.Console.exe default permission — Radarr 7.8 High2025-11-13
CVE-2025-8485 Lenovo App Store 安全漏洞 — App Store 7.3 High2025-11-12
CVE-2025-8421 Lenovo Dock Manager 安全漏洞 — Dock Manager 6.6 Medium2025-11-12
CVE-2025-61667 Datadog Linux Host Agent affected by local privilege escalation due to insufficient pycache permissions — datadog-agent 7.8 -2025-11-12
CVE-2025-11567 Schneider Electric PowerChute Serial Shutdown 安全漏洞 — PowerChute™ Serial Shutdown 8.4 -2025-11-12
CVE-2025-10918 Ivanti Endpoint Manager 安全漏洞 — Endpoint Manager 7.1 High2025-11-11
CVE-2025-8432 CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON — Infra Monitoring 8.4 High2025-10-27
CVE-2025-12100 MongoDB BI Connector ODBC driver installation via MSI may leave ACLs unset on custom installation directories — BI Connector ODBC driver 7.8 High2025-10-23
CVE-2025-57848 Container-native-virtualization: privilege escalation via excessive /etc/passwd permissions — Red Hat OpenShift Virtualization 4 6.4 Medium2025-10-23
CVE-2025-23347 NVIDIA GPU Display Driver 安全漏洞 — GeForce 7.8 High2025-10-23
CVE-2025-11575 MongoDB Atlas SQL ODBC driver installation via MSI may leave ACLs unset on custom installation directories — Atlas SQL ODBC driver 7.8 High2025-10-23
CVE-2025-58712 Amq: privilege escalation via excessive /etc/passwd permissions — activemq-artemis 6.4 Medium2025-10-22
CVE-2025-62661 Do permission checking when getting counts of global and local edits, new articles and thanks — Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension 7.5AIHighAI2025-10-21
CVE-2025-62577 Fsas Technologies ETERNUS SF 安全漏洞 — ETERNUS SF AdvancedCopy Manager Standard Edition (for Solaris 10/ 11) 8.8AIHighAI2025-10-20
CVE-2025-62668 Insufficient permission checks in action=growthsetmentor — Mediawiki - GrowthExperiments Extension 7.5AIHighAI2025-10-18
CVE-2025-35062 Newforma Info Exchange (NIX) default anonymous access — Project Center 5.3 Medium2025-10-09
CVE-2025-11535 MongoDB Connector for BI installation MSI leave ACLs unset on custom installation directories — MongoDB Connector for BI 7.8AIHighAI2025-10-08
CVE-2025-23297 NVIDIA App 安全漏洞 — NVIDIA App 7.8 High2025-10-01
CVE-2025-57852 Openshift-ai: privilege escalation via excessive /etc/passwd permissions — Red Hat OpenShift AI 2.16 6.4 Medium2025-09-30
CVE-2025-36857 Rapid7 Appspider Broken Access Control Vulnerability — Appspider Pro 3.3 Low2025-09-25
CVE-2025-53947 Cognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Default Permissions — In-Sight 2000 series 7.7 High2025-09-18
CVE-2025-55111 BMC Control-M/Agent insecure default file permissions — Control-M/Agent 5.5 Medium2025-09-16
CVE-2025-43887 Dell PowerProtect Data Manager 安全漏洞 — PowerProtect Data Manager 7.0 High2025-09-10
CVE-2025-43725 Dell PowerProtect Data Manager 安全漏洞 — PowerProtect Data Manager 7.8 High2025-09-10

Vulnerabilities classified as CWE-276 (缺省权限不正确) represent 447 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.