Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-12 | CVE-2020-12334 | Improper Preservation of Permissions vulnerability in Intel Advisor Tools 2020 Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-12332 | Improper Preservation of Permissions vulnerability in Intel HID Event Filter Driver Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2020-12330 | Improper Preservation of Permissions vulnerability in Intel Falcon 8+ UAS Asctec Thermal Viewer Firmware Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-10-16 | CVE-2020-16910 | Improper Preservation of Permissions vulnerability in Microsoft products <p>A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.</p> <p>To exploit this vulnerability, an attacker could run a specially crafted application to bypass Unified Extensible Firmware Interface (UEFI) variable security in Windows.</p> <p>The security update addresses the vulnerability by correcting security feature behavior to enforce permissions.</p> | 6.2 |
| 2020-10-05 | CVE-2020-8182 | Improper Preservation of Permissions vulnerability in Nextcloud Deck 0.8.0 Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves. | 8.0 |
| 2020-09-21 | CVE-2020-6564 | Improper Preservation of Permissions vulnerability in multiple products Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page. | 6.5 |
| 2020-09-18 | CVE-2020-0405 | Improper Preservation of Permissions vulnerability in Google Android 11.0 In NetworkStackNotifier, there is a possible permissions bypass due to an unsafe implicit PendingIntent. | 7.8 |
| 2020-09-15 | CVE-2020-13308 | Improper Preservation of Permissions vulnerability in Gitlab A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. | 2.7 |
| 2020-09-14 | CVE-2019-0233 | Improper Preservation of Permissions vulnerability in multiple products An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload. | 7.5 |
| 2020-08-13 | CVE-2020-13282 | Improper Preservation of Permissions vulnerability in Gitlab For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access. | 3.5 |