Vulnerabilities > Improper Preservation of Permissions

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-45807 Improper Preservation of Permissions vulnerability in Amazon Opensearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021.
network
low complexity
amazon CWE-281
5.4
2023-10-04 CVE-2023-30735 Improper Preservation of Permissions vulnerability in Samsung Sassistant
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant.
local
low complexity
samsung CWE-281
3.3
2023-09-12 CVE-2022-47637 Improper Preservation of Permissions vulnerability in Apachefriends Xampp
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory.
local
low complexity
apachefriends CWE-281
6.7
2023-09-06 CVE-2023-41939 Improper Preservation of Permissions vulnerability in Jenkins Ssh2 Easy
Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to.
network
low complexity
jenkins CWE-281
8.8
2023-08-02 CVE-2023-31926 Improper Preservation of Permissions vulnerability in Broadcom Brocade Fabric Operating System
System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.
local
low complexity
broadcom CWE-281
7.1
2023-07-24 CVE-2023-1386 Improper Preservation of Permissions vulnerability in multiple products
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU.
local
low complexity
qemu fedoraproject CWE-281
7.8
2023-07-19 CVE-2022-43910 Improper Preservation of Permissions vulnerability in IBM Security Guardium 11.3
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls.
local
low complexity
ibm CWE-281
7.8
2023-07-13 CVE-2023-21249 Improper Preservation of Permissions vulnerability in Google Android 13.0
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass.
local
low complexity
google CWE-281
5.5
2023-06-29 CVE-2023-35938 Improper Preservation of Permissions vulnerability in Enalean Tuleap
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration.
network
low complexity
enalean CWE-281
7.2
2023-06-27 CVE-2023-2818 Improper Preservation of Permissions vulnerability in Proofpoint Insider Threat Management
An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring.
local
low complexity
proofpoint CWE-281
5.5