Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-22402 | Improper Preservation of Permissions vulnerability in Nextcloud Guests 2.5.0/3.0.0 Nextcloud guests app is a utility to create guest users which can only see files shared with them. | 5.4 |
| 2024-01-18 | CVE-2024-22404 | Improper Preservation of Permissions vulnerability in Nextcloud Zipper Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. | 4.3 |
| 2023-12-11 | CVE-2023-6186 | Improper Preservation of Permissions vulnerability in multiple products Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user. | 8.8 |
| 2023-11-30 | CVE-2023-47463 | Improper Preservation of Permissions vulnerability in Gl-Inet Gl-Ax1800 Firmware 4.0.0/4.3.7/4.4.6 Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the gl_nas_sys authentication function. | 9.8 |
| 2023-11-28 | CVE-2023-6239 | Improper Preservation of Permissions vulnerability in M-Files Server 23.10/23.9 Under rare conditions, the effective permissions of an object might be incorrectly calculated if the object has a specific configuration of metadata-driven permissions in M-Files Server versions 23.9, 23.10, and 23.11 before 23.11.13168.7, potentially enabling unauthorized access to the object. | 8.8 |
| 2023-11-20 | CVE-2023-43612 | Improper Preservation of Permissions vulnerability in Openatom Openharmony in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions. | 7.8 |
| 2023-11-06 | CVE-2023-4996 | Improper Preservation of Permissions vulnerability in Netskope Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. | 8.8 |
| 2023-10-17 | CVE-2023-39902 | Improper Preservation of Permissions vulnerability in NXP Uboot Secondary Program Loader A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before 2023.07 on select NXP i.MX 8M family processors. | 7.8 |
| 2023-10-16 | CVE-2023-45807 | Improper Preservation of Permissions vulnerability in Amazon Opensearch OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. | 5.4 |
| 2023-10-04 | CVE-2023-30735 | Improper Preservation of Permissions vulnerability in Samsung Sassistant Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant. | 3.3 |