Vulnerabilities > Improper Preservation of Permissions

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-38473 Improper Preservation of Permissions vulnerability in Mozilla Thunderbird
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access).
network
low complexity
mozilla CWE-281
8.8
2022-12-19 CVE-2022-47547 Improper Preservation of Permissions vulnerability in Protocol Gossipsub 1.1
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages.
network
low complexity
protocol CWE-281
5.3
2022-12-16 CVE-2022-4326 Improper Preservation of Permissions vulnerability in Trellix Endpoint Security
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.
local
low complexity
trellix CWE-281
6.0
2022-12-16 CVE-2022-41963 BigBlueButton is an open source web conferencing system.
network
high complexity
CWE-281
3.1
2022-11-19 CVE-2022-31608 Improper Preservation of Permissions vulnerability in Nvidia GPU Display Driver
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
local
low complexity
nvidia CWE-281
7.8
2022-11-02 CVE-2021-45446 Improper Preservation of Permissions vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.25/8.3.0.9
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located inside the directory.
network
low complexity
hitachi CWE-281
7.5
2022-10-30 CVE-2022-44020 Improper Preservation of Permissions vulnerability in multiple products
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2.
local
low complexity
opendev fedoraproject CWE-281
5.5
2022-10-20 CVE-2020-12744 Improper Preservation of Permissions vulnerability in Verint Desktop and Process Analytics 15.2
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.
local
low complexity
verint CWE-281
7.8
2022-10-19 CVE-2022-41708 Improper Preservation of Permissions vulnerability in Relatedcode Messenger
Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application.
network
low complexity
relatedcode CWE-281
4.3
2022-10-17 CVE-2019-14841 Improper Preservation of Permissions vulnerability in Redhat Decision Manager and Process Automation
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header.
network
low complexity
redhat CWE-281
8.8