Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-07 | CVE-2020-8634 | Improper Preservation of Permissions vulnerability in Wftpserver Wing FTP Server 6.2.3 Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. | 7.8 |
| 2020-02-28 | CVE-2020-9442 | Improper Preservation of Permissions vulnerability in Openvpn Connect OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. | 7.8 |
| 2020-02-27 | CVE-2020-7063 | Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. | 5.3 |
| 2020-02-18 | CVE-2020-8633 | Improper Preservation of Permissions vulnerability in Synacor Zimbra Collaboration Suite An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. | 5.3 |
| 2020-02-04 | CVE-2020-8117 | Improper Preservation of Permissions vulnerability in Nextcloud Server Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event. | 4.3 |
| 2020-02-04 | CVE-2019-15621 | Improper Preservation of Permissions vulnerability in Nextcloud Server Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link. | 6.5 |
| 2019-12-10 | CVE-2019-13727 | Improper Preservation of Permissions vulnerability in multiple products Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 8.8 |
| 2019-12-06 | CVE-2019-19620 | Improper Preservation of Permissions vulnerability in Dell RED Cloak Windows Agent In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. | 3.3 |
| 2019-11-26 | CVE-2019-18458 | Improper Preservation of Permissions vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition through 12.4. | 2.7 |
| 2019-11-26 | CVE-2019-18457 | Improper Preservation of Permissions vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.8 through 12.4 when handling Security tokens.. | 8.8 |