Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-26 | CVE-2023-2993 | Improper Preservation of Permissions vulnerability in Lenovo products A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute. | 6.3 |
| 2023-06-02 | CVE-2023-28161 | Improper Preservation of Permissions vulnerability in Mozilla Firefox If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. | 8.8 |
| 2023-05-22 | CVE-2023-31923 | Improper Preservation of Permissions vulnerability in Supremainc Biostar 2 Suprema BioStar 2 before 2022 Q4, v2.9.1 has Insecure Permissions. | 8.8 |
| 2023-04-26 | CVE-2020-36070 | Improper Preservation of Permissions vulnerability in Thecontrolgroup Voyager Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media component. | 9.8 |
| 2023-04-16 | CVE-2021-33990 | Improper Preservation of Permissions vulnerability in Liferay Portal 6.2.5 Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. | 9.8 |
| 2023-04-03 | CVE-2023-0975 | Improper Preservation of Permissions vulnerability in Trellix Agent 5.7.7/5.7.8 A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. | 7.8 |
| 2023-03-29 | CVE-2023-25809 | Improper Preservation of Permissions vulnerability in Linuxfoundation Runc runc is a CLI tool for spawning and running containers according to the OCI specification. | 6.3 |
| 2023-03-01 | CVE-2023-22738 | Improper Preservation of Permissions vulnerability in Vantage6 vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. | 6.5 |
| 2023-02-09 | CVE-2022-48295 | Improper Preservation of Permissions vulnerability in Huawei Emui and Harmonyos The IHwAntiMalPlugin interface lacks permission verification. | 7.5 |
| 2023-02-09 | CVE-2022-48296 | Improper Preservation of Permissions vulnerability in Huawei Emui and Harmonyos The SystemUI has a vulnerability in permission management. | 5.3 |