Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-19 | CVE-2019-20843 | Improper Preservation of Permissions vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. | 7.5 |
| 2020-06-02 | CVE-2020-13763 | Improper Preservation of Permissions vulnerability in Joomla Joomla! In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users. | 7.5 |
| 2020-05-20 | CVE-2020-13230 | Improper Preservation of Permissions vulnerability in multiple products In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). | 4.3 |
| 2020-05-19 | CVE-2020-2025 | Improper Preservation of Permissions vulnerability in Katacontainers Runtime Kata Containers before 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. | 8.8 |
| 2020-04-01 | CVE-2020-9781 | Improper Preservation of Permissions vulnerability in Apple Ipados and Iphone OS The issue was addressed by clearing website permission prompts after navigation. | 5.3 |
| 2020-03-13 | CVE-2020-10083 | Improper Preservation of Permissions vulnerability in Gitlab GitLab 12.7 through 12.8.1 has Insecure Permissions. | 9.1 |
| 2020-03-07 | CVE-2020-8634 | Improper Preservation of Permissions vulnerability in Wftpserver Wing FTP Server 6.2.3 Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. | 7.8 |
| 2020-02-28 | CVE-2020-9442 | Improper Preservation of Permissions vulnerability in Openvpn Connect OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. | 7.8 |
| 2020-02-27 | CVE-2020-7063 | Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. | 5.3 |
| 2020-02-18 | CVE-2020-8633 | Improper Preservation of Permissions vulnerability in Synacor Zimbra Collaboration Suite An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. | 5.3 |