Vulnerabilities > Improper Preservation of Permissions

DATE CVE VULNERABILITY TITLE RISK
2021-08-13 CVE-2021-38553 Improper Preservation of Permissions vulnerability in Hashicorp Vault
HashiCorp Vault and Vault Enterprise 1.4.0 through 1.7.3 initialized an underlying database file associated with the Integrated Storage feature with excessively broad filesystem permissions.
local
low complexity
hashicorp CWE-281
2.1
2021-08-05 CVE-2021-29971 Improper Preservation of Permissions vulnerability in Mozilla Firefox
If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission.
network
low complexity
mozilla CWE-281
7.5
2021-08-04 CVE-2021-32465 Improper Preservation of Permissions vulnerability in Trendmicro Apex ONE and Officescan
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations.
network
low complexity
trendmicro CWE-281
6.5
2021-07-15 CVE-2020-15496 Improper Preservation of Permissions vulnerability in Acronis True Image
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions.
local
low complexity
acronis CWE-281
4.6
2021-06-22 CVE-2021-22382 Improper Preservation of Permissions vulnerability in Huawei E3372 Firmware and E8372 Firmware
Huawei LTE USB Dongle products have an improper permission assignment vulnerability.
local
huawei CWE-281
4.4
2021-06-22 CVE-2021-0542 Improper Preservation of Permissions vulnerability in Google Android 11.0
In updateNotification of BeamTransferManager.java, there is a missing permission check.
local
low complexity
google CWE-281
2.1
2021-06-10 CVE-2021-21735 Improper Preservation of Permissions vulnerability in ZTE Zxhn H168N Firmware
A ZTE product has an information leak vulnerability.
network
low complexity
zte CWE-281
4.0
2021-06-09 CVE-2021-0074 Improper Preservation of Permissions vulnerability in Intel Computing Improvement Program
Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-281
4.6
2021-06-09 CVE-2021-0077 Improper Preservation of Permissions vulnerability in Intel Vtune Profiler 2017/2018/2019
Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before version 2021.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-281
4.6
2021-06-09 CVE-2020-27383 Improper Preservation of Permissions vulnerability in Blizzard Battle.Net 1.27.1.12428
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice.
local
low complexity
blizzard CWE-281
4.6