CWE-272
12 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-272
- CVE-2021-26726 | HIGH | CVSS 8.8 | EG 8.8 | 2022-02-16
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517 allows an attacker to execute commands with SYSTEM privileges. This issue affects: Valmet DNA versions from Collection 2012 until Collection 20…
- CVE-2023-28046 | MEDIUM | CVSS 6.6 | EG 7.1 | 2023-04-06
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation. A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbi…
- CVE-2023-28047 | HIGH | CVSS 7.3 | EG 7.3 | 2023-04-20
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbi…
- CVE-2023-32451 | HIGH | CVSS 7.3 | EG 7.3 | 2024-02-06
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that allows a low privilege user to execute malicious code during installation and uninstallation.
- CVE-2024-0638 | HIGH | CVSS 8.2 | EG 8.2 | 2024-03-22
Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.
- CVE-2024-0798 | MEDIUM | CVSS 6.5 | EG 8.1 | 2024-02-26
A privilege escalation vulnerability exists in mintplex-labs/anything-llm, allowing users with 'default' role to delete documents uploaded by 'admin'. Despite the intended restriction that prevents 'default' role users from deleting admin-…
- CVE-2024-24830 | CRITICAL | CVSS 9.9 | EG 9.9 | 2024-02-08
OpenObserve is an observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A vulnerability has been identified in the "/api/{org_id}/users" endpoint. This vulnerability allows any a…
- CVE-2024-25106 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-02-08
OpenObserve is an observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A critical vulnerability has been identified in the "/api/{org_id}/users/{email_id}" endpoint. This vulner…
- CVE-2024-27165 | HIGH | CVSS 7.8 | EG 7.8 | 2024-06-14
Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. As for the affected products/models/versions, see the reference URL.
- CVE-2024-28824 | HIGH | CVSS 8.8 | EG 8.8 | 2024-03-22
Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.
- CVE-2024-28829 | HIGH | CVSS 7.8 | EG 7.8 | 2024-08-20
Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate privileges.
- CVE-2024-35204 | HIGH | CVSS 8.4 | EG 8.4 | 2024-05-14
Veritas System Recovery before 23.3_Hotfix has incorrect permissions for the Veritas System Recovery folder, and thus low-privileged users can conduct attacks.