Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

CVEs (1,508)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-54131 - - Dec 3, 2024 Dec 3, 2024 7.3 HIGH· v4 N/A· v3 N/A· v2 The Kolide Agent (aka: Launcher) is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent (known as `launcher`) allows for local privilege escalation to the SYSTEM user o...Show more The Kolide Agent (aka: Launcher) is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent (known as `launcher`) allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started storing upgraded binaries in the ProgramData directory. This move to the new directory meant the launcher root directory inherited default permissions that are not as strict as the previous location. These incorrect default permissions in conjunction with an omitted SystemDrive environmental variable (when launcher starts osqueryd), allows a malicious actor with access to the local Windows device to successfully place an arbitrary DLL into the osqueryd process's search path. Under some circumstances, this DLL will be executed when osqueryd performs a WMI query. This combination of events could then allow the attacker to escalate their privileges to SYSTEM. Impacted versions include versions >= 1.5.3 and the fix has been released in 1.12.3.Show less
CVE-2024-53921 1Samsung 1Magician Jun 3, 2025 Dec 3, 2024 N/A· v4 2.8 LOW· v3 N/A· v2 An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.
CVE-2018-9431 1Google 1Android Dec 18, 2024 Dec 2, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...Show more In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-11969 - - Nov 28, 2024 Nov 28, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder permissions vulnerability. A normal (non-admin) user could exploit the weakness in file and folder permissions to escalate...Show more The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder permissions vulnerability. A normal (non-admin) user could exploit the weakness in file and folder permissions to escalate privileges, execute arbitrary code and maintain persistence on the compromised machine. It has been identified that full control permissions exist on the ‘Everyone’ group (i.e. any user who has local access to the operating system regardless of their privileges).Show less
CVE-2024-46054 1Davidguva 1Openvidreview May 15, 2025 Nov 27, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files.
CVE-2024-6476 - - Nov 26, 2024 Nov 26, 2024 N/A· v4 4.2 MEDIUM· v3 N/A· v2 Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is possible for a non-admin user to gain system privileges by redirecting a file deletion upon service restart. Axis has released p...Show more Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is possible for a non-admin user to gain system privileges by redirecting a file deletion upon service restart. Axis has released patched versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.Show less
CVE-2024-27134 1Lfprojects 1Mlflow Feb 3, 2025 Nov 25, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is o...Show more Excessive directory permissions in MLflow leads to local privilege escalation when using spark_udf. This behavior can be exploited by a local attacker to gain elevated permissions by using a ToCToU attack. The issue is only relevant when the spark_udf() MLflow API is called.Show less
CVE-2024-50657 - - Nov 27, 2024 Nov 22, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate privileges via the PassCodeViewModel class, specifically in the checkPassCodeIsValid method
CVE-2024-44786 - - Mar 13, 2025 Nov 22, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address books via unspecified vectors.
CVE-2024-11089 2Cayenne Tarassych 2Anonymous Restricted Content Anonymous Restricted Content Mar 12, 2026 Nov 21, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.5 via the WordPress core search feature. This makes it possible for unauthen...Show more The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to logged-in users.Show less
CVE-2024-11088 1Simple Membership Plugin 1Simple Membership Apr 5, 2025 Nov 21, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.5 via the WordPress core search feature. This makes it possible for unauthenticated att...Show more The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.Show less
CVE-2024-48533 1Esoftplanner 1Esoft Planner Oct 1, 2025 Nov 20, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts.
CVE-2024-51162 - - Mar 17, 2025 Nov 20, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in Audimex EE versions 15.1.20 and earlier allowing a remote attacker to escalate privileges. Analyzing the offline client code, it was identified that it is possible for any user (with any privilege) of Audimex...Show more An issue in Audimex EE versions 15.1.20 and earlier allowing a remote attacker to escalate privileges. Analyzing the offline client code, it was identified that it is possible for any user (with any privilege) of Audimex to dump the whole Audimex database. This gives visibility upon password hashes of any user, ongoing audit data and more.Show less
CVE-2024-45690 1Moodle 1Moodle Jun 2, 2025 Nov 20, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts.
CVE-2018-9467 1Google 1Android Nov 22, 2024 Nov 20, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges needed. User interaction...Show more In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2018-9432 1Google 1Android Nov 22, 2024 Nov 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ab...Show more In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to contacts, with no additional execution privileges needed. User interaction is needed for exploitation.Show less
CVE-2018-9369 1Google 1Android Nov 22, 2024 Nov 19, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed f...Show more In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Show less
CVE-2023-21270 1Google 1Android Dec 18, 2024 Nov 19, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to...Show more In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-51051 - - Nov 19, 2024 Nov 18, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account.
CVE-2024-48293 - - Nov 19, 2024 Nov 18, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated attackers with low-level privileges to arbitrarily modify antivirus settings.

Previous 1...171819...76 Next