CWE-271

Total CVEs: 7
Avg CVSS v3: 6.7 (Medium)
Avg CVSS v2: 4.2 (Medium)
Latest CVE: 2025

Severity Distribution

Critical: 0 (0%)
High: 4 (57.1%)
Medium: 2 (28.6%)
Low: 1 (14.3%)

All CVEs (7)

CVSS: 8.8 (High)

An Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they are logged in to the Rancher UI. This would cause the users to ...

CVSS: 8.0 (High)

Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions ...

CVSS: 7.8 (High)

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root...

CVSS: 7.8 (High)

Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively c...

CVSS: 6.8 (Medium)

Stalwart Mail Server is an open-source mail server. Prior to version 0.8.0, when using `RUN_AS_USER`, the specified user (and therefore, web interface admins) can read arbitrary files as root. This is...

CVSS: 4.9 (Medium)

A flaw involving an incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way users create and delete objects using NFSv4.2 or newer if bo...

CVSS: 3.1 (Low)

In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certific...