Vulnerabilities > Improper Preservation of Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-21 | CVE-2019-20384 | Improper Preservation of Permissions vulnerability in Gentoo Portage Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners. | 2.1 |
2019-12-10 | CVE-2019-13727 | Improper Preservation of Permissions vulnerability in multiple products Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 8.8 |
2019-12-06 | CVE-2019-19620 | Improper Preservation of Permissions vulnerability in Dell RED Cloak Windows Agent In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. | 3.3 |
2019-11-26 | CVE-2019-18458 | Improper Preservation of Permissions vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition through 12.4. | 4.0 |
2019-11-26 | CVE-2019-18457 | Improper Preservation of Permissions vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition 11.8 through 12.4 when handling Security tokens.. | 6.5 |
2019-11-25 | CVE-2019-13682 | Improper Preservation of Permissions vulnerability in Google Chrome Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 8.8 |
2019-11-25 | CVE-2019-13668 | Improper Preservation of Permissions vulnerability in Google Chrome Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 7.4 |
2019-11-21 | CVE-2019-16539 | Improper Preservation of Permissions vulnerability in Jenkins Support Core A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles. | 6.5 |
2019-10-14 | CVE-2019-14226 | Improper Preservation of Permissions vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.2 has Insecure Permissions. | 5.5 |
2019-10-09 | CVE-2019-0073 | Improper Preservation of Permissions vulnerability in Juniper Junos The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. | 2.1 |