Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

CWE-279 (不安全的运行时授予权限) — Vulnerability Class 15

15 vulnerabilities classified as CWE-279 (不安全的运行时授予权限). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPaused
CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization — Red Hat Enterprise Linux 10 5.5 Medium2026-03-27
CVE-2026-20062 Cisco Secure Firewall Adaptive Security Appliance 安全漏洞 — Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 7.2 High2026-03-04
CVE-2025-12801 Nfs-utils: rpc.mountd in the nfs-utils privilege escalation — Red Hat Enterprise Linux 10 6.5 Medium2026-03-04
CVE-2025-14025 Ansible-automation-platform/aap-gateway: aap-gateway: read-only personal access token (pat) bypasses write restrictions — Red Hat Ansible Automation Platform 2.5 for RHEL 8 8.5 High2026-01-08
CVE-2025-36228 Incorrect Execution-Assigned Permissions in IBM Aspera Faspex — Aspera Faspex 5 3.8 Low2025-12-26
CVE-2025-13663 Quartus Prime Pro Edition Installer Advisory — Quartus Prime Pro 6.7 Medium2025-12-11
CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory — containerd 7.3 High2025-11-06
CVE-2025-30001 Apache StreamPark: Authenticated users can trigger remote command execution — Apache StreamPark 8.1AIHighAI2025-10-10
CVE-2025-23263 NVIDIA DOCA-Host和NVIDIA Mellanox OFED 安全漏洞 — DOCA-Host and Mellanox OFED 7.6 High2025-07-17
CVE-2024-11220 Open Automation Software Incorrect Execution-Assigned Permissions — Open Automation Software 7.8 High2024-12-06
CVE-2023-4665 Privilage Escalation in Saphira Connect — Saphira Connect 8.8 High2023-09-15
CVE-2023-3915 Incorrect Execution-Assigned Permissions in GitLab — GitLab 6.5 Medium2023-09-01
CVE-2023-4383 MicroWorld eScan Anti-Virus runasroot incorrect execution-assigned permissions — eScan Anti-Virus 7.8 High2023-08-16
CVE-2020-8025 outdated entries in permissions profiles for /var/lib/pcp/tmp/* may cause security issues — SUSE Linux Enterprise Server 12-SP4 6.1 Medium2020-08-07
CVE-2017-8441 Elastic X-Pack Security 权限许可和访问控制漏洞 — X-Pack Security 4.3 -2017-06-05

Vulnerabilities classified as CWE-279 (不安全的运行时授予权限) represent 15 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.