Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-281

CWE-281

Improper Preservation of Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

329 vulnerabilities with CWE-281

CVE-2024-23464 HIGH

Zscaler Client Connector <4.2.1 - Privilege Escalation

CVE-2024-33892 HIGH

Cosy+ <21.2s10, <22.1s3 - Info Disclosure

CVE-2024-40828 HIGH

macOS 12.0-12.7.5 13.0-13.6.7 14.0-14.5 - Privilege Escalation to Root

CVE-2024-40824 MEDIUM

iPadOS < 17.6 - Privacy Preference Bypass via Improper Permission Preservation

CVE-2024-40821 HIGH

macOS 12.0-12.7.5, <13.6.8, <14.6 - Unprotected User Data Exposure via Third-Party App Extension Sandbox Bypass

CVE-2024-40811 MEDIUM

macOS Sonoma <14.6 - Info Disclosure

CVE-2024-40805 HIGH

watchOS 10.6-macOS Sonoma 14.6-iOS 17.6-iPadOS 17.6-tvOS 17.6 - Pri...

CVE-2024-40800 MEDIUM

macOS 12.0-12.7.5, 13.0-13.6.7, 14.0-14.5 - Unprotected User Data Exposure via Input Validation Issue

CVE-2024-27888 MEDIUM

macOS Sonoma <14.4 - Info Disclosure

CVE-2024-39902 MEDIUM

Tuleap <15.10.99.128-15.9-8 - Info Disclosure

CVE-2024-29080 MEDIUM

HP Display Control - Privilege Escalation

CVE-2024-2819 MEDIUM

Hitachi Ops Center Common Services <11.0.2-00 - Privilege Escalation

CVE-2024-36532 CRITICAL

kruise <1.6.2 - Privilege Escalation

CVE-2024-38361 LOW

Spicedb < 1.33.1 - Incorrect Permission Resolution via Exclusion Dispatcher

CVE-2024-37882 HIGH

Nextcloud Server 23.0.0-23.0.12.16 and 26.0.0-26.0.12 - Improper Access Control via Share Permission Escalation

CVE-2024-3291 HIGH

Nessus Agent <10.6.4 - Privilege Escalation

CVE-2024-3289 HIGH

Nessus <10.7.3 - Privilege Escalation

CVE-2024-32020 LOW

Git <2.45.1-2.39.4 - Info Disclosure

CVE-2024-4768 MEDIUM

Firefox <126, Firefox ESR <115.11, Thunderbird <115.11 - Privilege ...

CVE-2024-33921 MEDIUM

ReviewX < 1.6.21 - Broken Access Control

CVE-2024-32882 LOW

Wagtail 6.0.0-6.0.3 - Permission Bypass via FieldPanel Permission Argument

CVE-2024-22405 MEDIUM

XADMaster <1.10.8 - Info Disclosure

CVE-2024-1726 MEDIUM

Quarkus RESTEasy Reactive 3.8.0.CR1-3.8.0 - Denial of Service via JAX-RS Endpoint Serialization

CVE-2024-23560 MEDIUM

HCL DevOps Deploy/HCL Launch - Privilege Escalation

CVE-2024-3545 MEDIUM

Drevolutions Remote Desktop Manager <2024.1.20 - Info Disclosure

Previous Page 5 of 14 Next

Details

Vulnerabilities 329

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy