Vulnerabilities > Improper Preservation of Permissions
| Improper Preservation of Permissions vulnerability in Huawei Emui and Harmonyos
The bundle management module lacks permission verification in some APIs.
| Improper Preservation of Permissions vulnerability in Carel Pcoweb Card Bios, Pcoweb Card Boot and Pcoweb Card web
An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface.
| A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access).
| Improper Preservation of Permissions vulnerability in Protocol Gossipsub 1.1
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages.
| Improper Preservation of Permissions vulnerability in Trellix Endpoint Security
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.
| BigBlueButton is an open source web conferencing system.
| Improper Preservation of Permissions vulnerability in Nvidia GPU Display Driver
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
| Improper Preservation of Permissions vulnerability in Hitachi Vantara Pentaho 126.96.36.199/188.8.131.52/184.108.40.206
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 220.127.116.11 and 18.104.22.168 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located inside the directory.
| Improper Preservation of Permissions vulnerability in multiple products
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2.
| Improper Preservation of Permissions vulnerability in Verint Desktop and Process Analytics 15.2
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.