Vulnerabilities > Improper Preservation of Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-27 | CVE-2022-2787 | Improper Preservation of Permissions vulnerability in Debian Linux and Schroot Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. | 4.3 |
| 2022-08-26 | CVE-2021-3414 | Improper Preservation of Permissions vulnerability in Redhat Satellite 6.7 A flaw was found in satellite. | 8.1 |
| 2022-08-22 | CVE-2022-31237 | Improper Preservation of Permissions vulnerability in Dell EMC Powerscale Onefs Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. | 3.3 |
| 2022-08-17 | CVE-2022-31262 | Improper Preservation of Permissions vulnerability in GOG Galaxy 2.0.46/2.0.51 An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. | 7.8 |
| 2022-06-30 | CVE-2022-22472 | Improper Preservation of Permissions vulnerability in IBM Spectrum Protect Plus Container Backup and Restore 10.1.10.2/10.1.5/10.1.7 IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. | 8.8 |
| 2022-06-29 | CVE-2022-32969 | Improper Preservation of Permissions vulnerability in Metamask MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue. | 5.9 |
| 2022-06-27 | CVE-2022-31096 | Improper Preservation of Permissions vulnerability in Discourse Discourse is an open source discussion platform. | 5.7 |
| 2022-06-14 | CVE-2021-35079 | Improper Preservation of Permissions vulnerability in Qualcomm products Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | 5.5 |
| 2022-06-13 | CVE-2022-31755 | Improper Preservation of Permissions vulnerability in Huawei Emui, Harmonyos and Magic UI The communication module has a vulnerability of improper permission preservation. | 5.5 |
| 2022-06-02 | CVE-2022-29594 | Improper Preservation of Permissions vulnerability in Eginnovations products eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. | 7.8 |