Common Weakness Enumeration

CWE-281

Allowed

Improper Preservation of Permissions

Abstraction: Base · Status: Draft

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

432 vulnerabilities reference this CWE, most recent first.

GHSA-4R5P-QQXR-3JGC

Vulnerability from github – Published: 2025-03-10 21:31 – Updated: 2025-03-11 18:32
VLAI
Details

In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-56191"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-10T21:15:39Z",
    "severity": "HIGH"
  },
  "details": "In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-4r5p-qqxr-3jgc",
  "modified": "2025-03-11T18:32:12Z",
  "published": "2025-03-10T21:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56191"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/docs/security/bulletin/pixel-watch/2025/2025-03-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4X8J-29X3-246V

Vulnerability from github – Published: 2022-12-21 21:30 – Updated: 2022-12-21 21:30
VLAI
Details

Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-4326"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-16T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.",
  "id": "GHSA-4x8j-29x3-246v",
  "modified": "2022-12-21T21:30:15Z",
  "published": "2022-12-21T21:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4326"
    },
    {
      "type": "WEB",
      "url": "https://docs.trellix.com/bundle/xagent_35-31-22_rn/page/UUID-73c848e7-6107-fe11-d83d-b17bd5b1449c.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-52R8-QCQV-P7V2

Vulnerability from github – Published: 2022-06-14 00:00 – Updated: 2022-06-19 00:00
VLAI
Details

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-31755"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-13T15:15:00Z",
    "severity": "MODERATE"
  },
  "details": "The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.",
  "id": "GHSA-52r8-qcqv-p7v2",
  "modified": "2022-06-19T00:00:23Z",
  "published": "2022-06-14T00:00:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31755"
    },
    {
      "type": "WEB",
      "url": "https://consumer.huawei.com/en/support/bulletin/2022/6"
    },
    {
      "type": "WEB",
      "url": "https://consumer.huawei.com/en/support/bulletin/2022/7"
    },
    {
      "type": "WEB",
      "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202206-0000001270350482"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-533J-W77V-FMXV

Vulnerability from github – Published: 2025-01-06 18:31 – Updated: 2025-01-07 21:30
VLAI
Details

SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-54880"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-06T18:15:22Z",
    "severity": "CRITICAL"
  },
  "details": "SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk.",
  "id": "GHSA-533j-w77v-fmxv",
  "modified": "2025-01-07T21:30:55Z",
  "published": "2025-01-06T18:31:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54880"
    },
    {
      "type": "WEB",
      "url": "https://blog.csdn.net/weixin_46686336/article/details/144797063"
    },
    {
      "type": "WEB",
      "url": "https://www.seacms.net"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-53H9-3MWX-GWQQ

Vulnerability from github – Published: 2021-12-16 00:01 – Updated: 2022-07-13 00:01
VLAI
Details

In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-189857801

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-1010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-15T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-189857801",
  "id": "GHSA-53h9-3mwx-gwqq",
  "modified": "2022-07-13T00:01:00Z",
  "published": "2021-12-16T00:01:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1010"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/pixel/2021-12-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-54F6-9MX9-86F7

Vulnerability from github – Published: 2023-10-25 18:32 – Updated: 2024-09-12 18:42
VLAI
Summary
SaToken privilege escalation vulnerability
Details

An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "cn.dev33:sa-token-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.37.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-44794"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281",
      "CWE-284"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-10-27T19:50:04Z",
    "nvd_published_at": "2023-10-25T18:17:32Z",
    "severity": "CRITICAL"
  },
  "details": "An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.",
  "id": "GHSA-54f6-9mx9-86f7",
  "modified": "2024-09-12T18:42:11Z",
  "published": "2023-10-25T18:32:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44794"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dromara/Sa-Token/issues/515"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dromara/Sa-Token/commit/954efeb73277f924f836da2a25322ea35ee1bfa3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/dromara/Sa-Token"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "SaToken privilege escalation vulnerability"
}

GHSA-54HW-WW7H-FVM8

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2022-05-13 01:47
VLAI
Details

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-8589"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-11T21:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in memory, aka \"Windows Search Remote Code Execution Vulnerability\".",
  "id": "GHSA-54hw-ww7h-fvm8",
  "modified": "2022-05-13T01:47:38Z",
  "published": "2022-05-13T01:47:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8589"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8589"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99425"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038866"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-54P6-86FQ-2PG8

Vulnerability from github – Published: 2024-01-30 15:30 – Updated: 2024-01-30 15:30
VLAI
Details

Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process to run as root and execute the payload stored in the updatescript.js.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0674"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-30T13:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process to run as root and execute the payload stored in the updatescript.js.",
  "id": "GHSA-54p6-86fq-2pg8",
  "modified": "2024-01-30T15:30:22Z",
  "published": "2024-01-30T15:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0674"
    },
    {
      "type": "WEB",
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5888-494V-35JQ

Vulnerability from github – Published: 2022-04-30 18:22 – Updated: 2024-01-25 21:32
VLAI
Details

Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2002-2323"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281",
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2002-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.",
  "id": "GHSA-5888-494v-35jq",
  "modified": "2024-01-25T21:32:09Z",
  "published": "2022-04-30T18:22:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-2323"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-27807-1"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/security_center/static/9665.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/5281"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-58WC-R84P-48V4

Vulnerability from github – Published: 2024-07-30 00:34 – Updated: 2026-04-02 21:31
VLAI
Details

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Third party app extensions may not receive the correct sandbox restrictions.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-40821"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-29T23:15:13Z",
    "severity": "HIGH"
  },
  "details": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. Third party app extensions may not receive the correct sandbox restrictions.",
  "id": "GHSA-58wc-r84p-48v4",
  "modified": "2026-04-02T21:31:52Z",
  "published": "2024-07-30T00:34:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40821"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/120910"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/120911"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/120912"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214118"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214119"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214120"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214118"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214119"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214120"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.