CWE-281

Improper Preservation of Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

329 vulnerabilities with CWE-281
CVE-2018-5163 HIGH
Firefox < 60 - Privilege Escalation
CVSS 8.1
CVE-2018-4115 CRITICAL
Apple <11.3, <10.13.4, <4.3 - Auth Bypass
CVSS 9.8
CVE-2017-8593 HIGH
Microsoft Win32k - Privilege Escalation
CVSS 7.0
CVE-2017-8590 HIGH
Microsoft Windows - Elevation of Privilege via CLFS Driver Memory Handling
CVSS 8.8
CVE-2017-8589 CRITICAL
Microsoft Windows - Remote Code Execution via Windows Search Memory Handling
CVSS 9.8
CVE-2017-8581 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.0
CVE-2017-8580 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.0
CVE-2017-8578 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.8
CVE-2017-8577 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.0
CVE-2017-8574 HIGH
Microsoft Windows 10 <1704 - Privilege Escalation
CVSS 7.0
CVE-2017-8573 HIGH
Microsoft Graphics - Privilege Escalation
CVSS 7.0
CVE-2017-8563 HIGH
Microsoft Windows < - Privilege Escalation
CVSS 8.1
CVE-2017-8562 HIGH
Microsoft Windows - Elevation of Privilege via ALPC Call Handling
CVSS 7.0
CVE-2017-8561 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.0
CVE-2017-8556 HIGH
Microsoft Graphics - Privilege Escalation
CVSS 7.0
CVE-2017-8467 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.0
CVE-2017-8579 HIGH
Windows 10 and Windows Server 2016 - Authenticated Elevation of Privilege via DirectX
CVSS 7.0
CVE-2017-8552 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.8
CVE-2017-8543 CRITICAL KEV
Microsoft Windows - Remote Code Execution via Windows Search Memory Handling
CVSS 9.8
CVE-2017-8494 HIGH
Microsoft Windows <10 Gold-1703 - Privilege Escalation
CVSS 7.3
CVE-2017-8468 HIGH
Windows 8.1/10, Server 2012 R2/2016 - Elevation of Privilege via Win32k
CVSS 7.8
CVE-2017-8466 HIGH
Windows Cursor - Privilege Escalation via Improper Permission Preservation
CVSS 7.8
CVE-2017-8465 HIGH
Microsoft Windows - Privilege Escalation
CVSS 7.8
CVE-2017-5033 MEDIUM
Google Chrome <57.0.2987.98-57.0.2987.108 - XSS
CVSS 4.3
CVE-2013-6335
IBM Tivoli Storage Manager - Info Disclosure
Details
Vulnerabilities 329
Links
MITRE CWE Entry Search this CWE With Exploits