Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-04 | CVE-2020-8117 | Improper Preservation of Permissions vulnerability in Nextcloud Server Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event. | 4.3 |
| 2020-02-04 | CVE-2019-15621 | Improper Preservation of Permissions vulnerability in Nextcloud Server Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link. | 6.5 |
| 2019-12-10 | CVE-2019-13727 | Improper Preservation of Permissions vulnerability in multiple products Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 8.8 |
| 2019-12-06 | CVE-2019-19620 | Improper Preservation of Permissions vulnerability in Dell RED Cloak Windows Agent In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. | 3.3 |
| 2019-11-26 | CVE-2019-18458 | Improper Preservation of Permissions vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition through 12.4. | 2.7 |
| 2019-11-26 | CVE-2019-18457 | Improper Preservation of Permissions vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.8 through 12.4 when handling Security tokens.. | 8.8 |
| 2019-11-25 | CVE-2019-13682 | Improper Preservation of Permissions vulnerability in Google Chrome Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 8.8 |
| 2019-11-25 | CVE-2019-13668 | Improper Preservation of Permissions vulnerability in Google Chrome Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 7.4 |
| 2019-11-21 | CVE-2019-16539 | Improper Preservation of Permissions vulnerability in Jenkins Support Core A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles. | 6.5 |
| 2019-10-14 | CVE-2019-14226 | Improper Preservation of Permissions vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.2 has Insecure Permissions. | 8.1 |