CWE-281

Improper Preservation of Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

329 vulnerabilities with CWE-281
CVE-2022-31096 MEDIUM
Discourse < 2.8.4 - Authenticated Permission Bypass via Invite Email Validation
CVSS 5.7
CVE-2022-31755 MEDIUM
Communication Module - Privilege Escalation
CVSS 5.5
CVE-2022-29594 HIGH
eG Agent <7.2 - Privilege Escalation
CVSS 7.8
CVE-2022-1227 HIGH
Podman < 4.0.0 - Privilege Escalation via Malicious Image in 'podman top' Command
CVSS 8.8
CVE-2022-24428 MEDIUM
Dell PowerScale OneFS - Privilege Escalation
CVSS 6.3
CVE-2022-0330 HIGH
Linux kernel's GPU i915 - Memory Corruption
CVSS 7.8
CVE-2022-22650 MEDIUM
macOS 10.15-10.15.6 and 11.6-11.6.4 - Unprotected User Data Exposure via Plugin Permission Inheritance
CVSS 5.5
CVE-2022-24618 HIGH
Heimdal Premium Security <2.5.395 - Privilege Escalation
CVSS 7.8
CVE-2022-21203 HIGH
Intel(R) Quartus(R) Prime <21.1 - Privilege Escalation
CVSS 7.8
CVE-2021-33990 CRITICAL
Liferay Portal 6.2.5 - OS Command Injection via File Upload Request
CVSS 9.8
CVE-2021-45446 MEDIUM
Hitachi Vantara Pentaho Business Analytics Server <9.2.0.2-8.3.0.25...
CVSS 5.0
CVE-2021-3414 HIGH
Red Hat Satellite - Improper Preservation of Permissions
CVSS 8.1
CVE-2021-35079 MEDIUM
Qualcomm APQ8053 and Multiple Snapdragon Firmware - Information Disclosure via Telephony Service API
CVSS 6.2
CVE-2021-3523 HIGH
3Scale APICast < 2.11.0 - Security Restriction Bypass via Connection Reuse
CVSS 7.5
CVE-2021-43708 MEDIUM
Titus Classification Suite <18.8.1910.140 - Info Disclosure
CVSS 5.5
CVE-2021-3847 HIGH
Linux Kernel OverlayFS - Privilege Escalation
CVSS 7.8
CVE-2021-39704 HIGH
Android - Local Privilege Escalation via NotificationManagerService Permissions Bypass
CVSS 7.8
CVE-2021-39695 HIGH
Android 11 - Local Privilege Escalation via BasePermission Logic Error
CVSS 7.8
CVE-2021-45008 HIGH
Plesk CMS 18.0.37 - Privilege Escalation via Insecure Permissions
CVSS 8.8
CVE-2021-43816 HIGH
containerd <1.5.0-beta.0 - Info Disclosure
CVSS 8.0
CVE-2021-30279 HIGH
Qualcomm AR8035 Firmware - Improper Preservation of Permissions in VMID Permission Masking
CVSS 7.8
CVE-2021-0953 HIGH
Android - Local Privilege Escalation via Unsafe PendingIntent in SearchWidgetProvider
CVSS 7.8
CVE-2021-0927 HIGH
Android - Local Privilege Escalation via TvInputManagerService Logic Error
CVSS 7.8
CVE-2021-0704 MEDIUM
Android - Unauthenticated Local Information Disclosure via AccountManagerService Permissions Bypass
CVSS 5.5
CVE-2021-37044 HIGH
Huawei Smartphone - Privilege Escalation
CVSS 7.5
Details
Vulnerabilities 329
Links
MITRE CWE Entry Search this CWE With Exploits