Lucene search
K

21 matches found

EUVD
EUVD
added 2026/05/27 8:29 a.m.10 views

EUVD-2024-55596

Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors...

2.7CVSS5.8AI score0.00249EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 3:8 a.m.47 views

CVE-2026-25850 filemanagement_storage_service has an improper preservation of permissions vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak...

5.5CVSS0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-19319

Malware in sbrugna...

8.8CVSS8AI score0.04341EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-36062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. In versions prior to 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation ...

7.6CVSS6.7AI score0.00612EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/10 6:28 p.m.18 views

CVE-2025-32696 "reupload-own" restriction can be bypassed by reverting file

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1...

0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/29 10:0 a.m.16 views

CVE-2021-3978 Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki

When copying files with rsync, octorpki uses the "-a" flag 0, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service this could allow for a vector, when...

7.5CVSS0.00142EPSS
Exploits0References1
OSV
OSV
added 2024/03/04 7:15 a.m.5 views

CVE-2024-21816

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/04 12:0 a.m.6 views

PT-2024-19071 · Unknown · Openharmony

Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 4.0.0 OpenHarmony version 4.0.0 Description: The issue allows a local attacker to cause an information leak through improper preservation of permissions. Recommendations: For OpenHarmony versions prior to 4.0.0,...

5.5CVSS6.7AI score0.00143EPSS
Exploits0References6
OSV
OSV
added 2023/11/20 12:15 p.m.7 views

CVE-2023-43612

in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions...

7.8CVSS5.9AI score0.00191EPSS
Exploits0References1
Prion
Prion
added 2022/12/16 4:15 p.m.16 views

Design/Logic Flaw

Improper preservation of permissions vulnerability in Trellix Endpoint Agent xAgent prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality...

2.9CVSS5.9AI score0.00224EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/22 4:50 p.m.23 views

CVE-2022-31237

Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an improper preservation of permissions vulnerability in SyncIQ. A low privileged local attacker may potentially exploit this vulnerability, leading to limited information disclosure...

3.3CVSS3.9AI score0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/13 3:15 p.m.2 views

CVE-2022-31755

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability...

5.5CVSS5.3AI score0.00155EPSS
Exploits0References4Affected Software3
OSV
OSV
added 2022/06/13 3:15 p.m.4 views

CVE-2022-31755

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/06/13 2:56 p.m.20 views

CVE-2022-31755

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability...

5.8AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2022/06/13 2:56 p.m.79 views

CVE-2022-31755

CVE-2022-31755 affects Huawei HarmonyOS in the communication module, where improper permission preservation enables conditions that may impact system availability. The connected sources consistently describe the issue as a permission retention flaw in the communication module, without specifying ...

5.5CVSS5.5AI score0.00155EPSS
Exploits0References3Affected Software3
Github Security Blog
Github Security Blog
added 2022/05/13 1:41 a.m.24 views

Tarball permission preservation in puppet

When installing a module using the system tar, the PMT will filter filesystem permissions to a sane value. This may just be based on the user's umask. When using minitar, files are unpacked with whatever permissions are in the tarball. This is potentially unsafe, as tarballs can be easily created...

5.5CVSS3AI score0.00363EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2022/01/05 6:55 p.m.26 views

CVE-2021-43816 Improper Preservation of Permissions in containerd

containerd is an open source container runtime. On installations using SELinux, such as EL8 CentOS, RHEL, Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface CRI, an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any...

8CVSS9.2AI score0.0169EPSS
Exploits1References6
OSV
OSV
added 2021/11/23 4:15 p.m.4 views

CVE-2021-37006

There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the confidentiality of users is affected...

7.5CVSS5.8AI score0.00637EPSS
Exploits0References1
Prion
Prion
added 2021/08/04 7:15 p.m.22 views

Authentication flaw

An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute...

6.5CVSS8.9AI score0.04341EPSS
Exploits0References3Affected Software2
Zero Day Initiative
Zero Day Initiative
added 2021/07/30 12:0 a.m.59 views

Trend Micro Apex One Incorrect Permission Preservation Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Apex One. Authentication as a low-privileged Windows domain user is required to exploit this vulnerability. The specific flaw exists within the product patching functionality. When applyin...

7.5CVSS3.1AI score0.04341EPSS
Exploits0References1
Rows per page
Query Builder