Vulnerabilities > Improper Preservation of Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-30 | CVE-2024-0674 | Improper Preservation of Permissions vulnerability in Lamassu Douro Firmware and Douro II Firmware Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. | 7.8 |
2024-01-18 | CVE-2024-22401 | Improper Preservation of Permissions vulnerability in Nextcloud Guests 2.5.0/3.0.0 Nextcloud guests app is a utility to create guest users which can only see files shared with them. | 4.3 |
2024-01-18 | CVE-2024-22402 | Improper Preservation of Permissions vulnerability in Nextcloud Guests 2.5.0/3.0.0 Nextcloud guests app is a utility to create guest users which can only see files shared with them. | 5.4 |
2024-01-18 | CVE-2024-22404 | Improper Preservation of Permissions vulnerability in Nextcloud Zipper Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. | 4.3 |
2023-12-11 | CVE-2023-6186 | Improper Preservation of Permissions vulnerability in multiple products Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user. | 8.8 |
2023-11-30 | CVE-2023-47463 | Improper Preservation of Permissions vulnerability in Gl-Inet Gl-Ax1800 Firmware Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the gl_nas_sys authentication function. | 9.8 |
2023-11-28 | CVE-2023-6239 | Improper Preservation of Permissions vulnerability in M-Files Server 23.10/23.9 Under rare conditions, the effective permissions of an object might be incorrectly calculated if the object has a specific configuration of metadata-driven permissions in M-Files Server versions 23.9, 23.10, and 23.11 before 23.11.13168.7, potentially enabling unauthorized access to the object. | 8.8 |
2023-11-20 | CVE-2023-43612 | Improper Preservation of Permissions vulnerability in Openharmony in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions. | 7.8 |
2023-11-06 | CVE-2023-4996 | Improper Preservation of Permissions vulnerability in Netskope Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. | 8.8 |
2023-10-17 | CVE-2023-39902 | Improper Preservation of Permissions vulnerability in NXP Uboot Secondary Program Loader A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before 2023.07 on select NXP i.MX 8M family processors. | 7.8 |