CWE-277 · Insecure Inherited Permissions

48 CVEs classified under CWE-277 (Insecure Inherited Permissions). Browse by severity and year.

Top CVEs for CWE-277
CVESeverityScorePublishedSummary
CVE-2021-41170Critical9.82021-11-08neoan3-apps/template is a neoan3 minimal template engine. Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a…
CVE-2025-58437High8.12025-09-06Coder allows organizations to provision remote development environments via Terraform. In versions 2.22.0 through 2.24.3, 2.25.0 and 2.25.1, Coder can be comp…
CVE-2023-33990High7.82023-07-11SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by crashing the service. An attacker with low privil…
CVE-2025-20008High7.72025-05-13Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before version 1.12.0 may allow a privileged user to potentially enable esc…
CVE-2023-34391High7.42023-08-31Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulatin…
CVE-2020-5343High7.32020-05-04Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability…
CVE-2025-29982Medium6.82025-04-02Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insecure Inherited Permissions vulnerability. A low privileged attacker with local access co…
CVE-2025-32092Medium6.72026-02-10Insecure inherited permissions for some Intel(R) Graphics Software before version 25.30.1702.0 within Ring 3: User Applications may allow an escalation of priv…
CVE-2025-24327Medium6.72025-11-11Insecure inherited permissions for some Intel(R) Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may allow an es…
CVE-2025-3473Medium6.72025-06-11IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to root due to insecure inherited permissions created by the progra…
CVE-2025-20629Medium6.72025-05-13Insecure inherited permissions in the NVM Update Utility for some Intel(R) Ethernet Network Adapter E810 Series before version 4.60 may allow an authenticated…
CVE-2024-51448Medium6.72025-01-18IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the inst…
CVE-2024-36294Medium6.72024-11-13Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of priv…
CVE-2024-36276Medium6.72024-11-13Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of priv…
CVE-2024-25561Medium6.72024-08-14Insecure inherited permissions in some Intel(R) HID Event Filter software installers before version 2.2.2.1 may allow an authenticated user to potentially enab…
CVE-2024-23908Medium6.72024-08-14Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before version v11.19.5.0 may allow an authenticated user to potential…
CVE-2024-7143Medium6.72024-08-07A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAdd…
CVE-2023-45736Medium6.72024-05-16Insecure inherited permissions in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of p…
CVE-2024-21835Medium6.72024-05-16Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privi…
CVE-2023-33870Medium6.72024-02-14Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of…