VYPR

CWE-276

Incorrect Default Permissions

BaseDraftLikelihood: Medium

Description

During installation, installed file permissions are set to allow anyone to modify those files.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-127 · CAPEC-81

CVEs mapped to this weakness (474)

page 19 of 24
  • CVE-2024-57604Feb 12, 2025
    risk 0.00cvss epss 0.01

    An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.

  • CVE-2025-24795Jan 29, 2025
    risk 0.00cvss epss 0.00

    The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when…

  • CVE-2025-24788Jan 29, 2025
    risk 0.00cvss epss 0.00

    snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to…

  • CVE-2025-24790Jan 29, 2025
    risk 0.00cvss epss 0.00

    Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the…

  • CVE-2024-57438Jan 29, 2025
    risk 0.00cvss epss 0.00

    Insecure permissions in RuoYi v4.8.0 allows authenticated attackers to escalate privileges by assigning themselves higher level roles.

  • CVE-2025-24400Jan 22, 2025
    risk 0.00cvss epss 0.00

    Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event…

  • CVE-2025-24399Jan 22, 2025
    risk 0.00cvss epss 0.01

    Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect provider to log in as any user by…

  • CVE-2023-1907Jan 9, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if multiple connection attempts occur simultaneously.

  • CVE-2024-55225Jan 9, 2025
    risk 0.00cvss epss 0.01

    An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request.

  • CVE-2024-27134Nov 25, 2024
    risk 0.00cvss epss 0.00

    Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the spark_udf() MLflow API is called.

  • CVE-2024-45690Nov 20, 2024
    risk 0.00cvss epss 0.00

    A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts.

  • CVE-2024-52551Nov 13, 2024
    risk 0.00cvss epss 0.01

    Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose…

  • CVE-2024-43430Nov 11, 2024
    risk 0.00cvss epss 0.00

    A flaw was found in moodle. External API access to Quiz can override contained insufficient access control.

  • CVE-2024-47825Oct 21, 2024
    risk 0.00cvss epss 0.00

    Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than `/32` may be ignored if there is a policy rule referencing a more…

  • CVE-2022-25776Sep 18, 2024
    risk 0.00cvss epss 0.00

    Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing. Users could potentially access sensitive data such as names and surnames, company names and stage names.

  • CVE-2024-43791Aug 23, 2024
    risk 0.00cvss epss 0.00

    RequestStore provides per-request global storage for Rack. The files published as part of request_store 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production…

  • CVE-2024-42681Aug 15, 2024
    risk 0.00cvss epss 0.01

    Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component.

  • CVE-2024-38459Jun 16, 2024
    risk 0.00cvss epss 0.00

    langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444.

  • CVE-2024-28056Apr 15, 2024
    risk 0.00cvss epss 0.02

    Amazon AWS Amplify CLI before 12.10.1 incorrectly configures the role trust policy of IAM roles associated with Amplify projects. When the Authentication component is removed from an Amplify project, a Condition property is removed but "Effect":"Allow" remains present, and…

  • CVE-2024-22889Mar 5, 2024
    risk 0.00cvss epss 0.01

    Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request.