Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-12 | CVE-2022-47637 | Improper Preservation of Permissions vulnerability in Apachefriends Xampp The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. | 6.7 |
| 2023-09-06 | CVE-2023-41939 | Improper Preservation of Permissions vulnerability in Jenkins Ssh2 Easy 1.4 Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to. | 8.8 |
| 2023-08-02 | CVE-2023-31926 | Improper Preservation of Permissions vulnerability in Broadcom Brocade Fabric Operating System System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0. | 7.1 |
| 2023-07-24 | CVE-2023-1386 | Improper Preservation of Permissions vulnerability in multiple products A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. | 7.8 |
| 2023-07-19 | CVE-2022-43910 | Improper Preservation of Permissions vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. | 7.8 |
| 2023-07-13 | CVE-2023-21249 | Improper Preservation of Permissions vulnerability in Google Android 13.0 In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. | 5.5 |
| 2023-06-29 | CVE-2023-35938 | Improper Preservation of Permissions vulnerability in Enalean Tuleap Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. | 7.2 |
| 2023-06-27 | CVE-2023-2818 | Improper Preservation of Permissions vulnerability in Proofpoint Insider Threat Management An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. | 5.5 |
| 2023-06-26 | CVE-2023-2993 | Improper Preservation of Permissions vulnerability in Lenovo products A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute. | 6.3 |
| 2023-06-02 | CVE-2023-28161 | Improper Preservation of Permissions vulnerability in Mozilla Firefox If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. | 8.8 |