Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-17 | CVE-2019-14841 | Improper Preservation of Permissions vulnerability in Redhat Decision Manager and Process Automation A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. | 8.8 |
| 2022-09-22 | CVE-2022-36062 | Improper Preservation of Permissions vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 3.8 |
| 2022-09-19 | CVE-2022-38577 | Improper Preservation of Permissions vulnerability in Processmaker 3.0.1.7/3.4.11 ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. | 8.8 |
| 2022-09-12 | CVE-2022-36102 | Improper Preservation of Permissions vulnerability in Shopware Shopware is an open source e-commerce software. | 7.2 |
| 2022-08-27 | CVE-2022-2787 | Improper Preservation of Permissions vulnerability in Debian Linux and Schroot Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. | 4.3 |
| 2022-08-26 | CVE-2021-3414 | Improper Preservation of Permissions vulnerability in Redhat Satellite 6.7 A flaw was found in satellite. | 8.1 |
| 2022-08-22 | CVE-2022-31237 | Improper Preservation of Permissions vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. | 3.3 |
| 2022-08-17 | CVE-2022-31262 | Improper Preservation of Permissions vulnerability in GOG Galaxy 2.0.46/2.0.51 An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. | 7.8 |
| 2022-06-30 | CVE-2022-22472 | Improper Preservation of Permissions vulnerability in IBM Spectrum Protect Plus Container Backup and Restore 10.1.10.2/10.1.5/10.1.7 IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. | 8.8 |
| 2022-06-29 | CVE-2022-32969 | Improper Preservation of Permissions vulnerability in Metamask MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue. | 5.9 |