Common Weakness Enumeration

CWE-281

Allowed

Improper Preservation of Permissions

Abstraction: Base · Status: Draft

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

432 vulnerabilities reference this CWE, most recent first.

GHSA-8Q4V-39JW-37MV

Vulnerability from github – Published: 2022-05-13 01:47 – Updated: 2022-05-13 01:47
VLAI
Details

Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevation of Privilege Vulnerability".

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-8466"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-15T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka \"Windows Cursor Elevation of Privilege Vulnerability\".",
  "id": "GHSA-8q4v-39jw-37mv",
  "modified": "2022-05-13T01:47:33Z",
  "published": "2022-05-13T01:47:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8466"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8466"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98844"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038671"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8R46-M6M6-R9PQ

Vulnerability from github – Published: 2023-04-16 06:30 – Updated: 2024-03-21 03:35
VLAI
Details

Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-33990"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281",
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-16T04:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "Liferay Portal 6.2.5 allows Command=FileUpload\u0026Type=File\u0026CurrentFolder=/ requests when frmfolders.html exists.",
  "id": "GHSA-8r46-m6m6-r9pq",
  "modified": "2024-03-21T03:35:08Z",
  "published": "2023-04-16T06:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33990"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fu2x2000/Liferay_exploit_Poc"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/171701/Liferay-Portal-6.2.5-Insecure-Permissions.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8W43-765R-W2W5

Vulnerability from github – Published: 2022-10-20 12:00 – Updated: 2022-10-21 19:01
VLAI
Details

The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-12744"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-10-20T11:15:00Z",
    "severity": "HIGH"
  },
  "details": "The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.",
  "id": "GHSA-8w43-765r-w2w5",
  "modified": "2022-10-21T19:01:10Z",
  "published": "2022-10-20T12:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12744"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bwiltse/cve/blob/master/Verint/Verint-CVE-2020-12744.txt"
    },
    {
      "type": "WEB",
      "url": "https://github.com/bwiltse/verint"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92VM-P8P9-G4X5

Vulnerability from github – Published: 2024-05-17 18:30 – Updated: 2024-05-17 18:30
VLAI
Details

When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3289"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-17T17:15:07Z",
    "severity": "HIGH"
  },
  "details": "When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.",
  "id": "GHSA-92vm-p8p9-g4x5",
  "modified": "2024-05-17T18:30:43Z",
  "published": "2024-05-17T18:30:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3289"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2024-08"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9347-9W64-Q5WP

Vulnerability from github – Published: 2022-05-14 02:05 – Updated: 2023-08-17 22:33
VLAI
Summary
Jython Improper Access Restrictions vulnerability
Details

Jython before 2.7.2b3 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.python:jython-standalone"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.7.2b3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2013-2027"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-08-17T22:33:35Z",
    "nvd_published_at": "2015-02-13T15:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Jython before 2.7.2b3 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.",
  "id": "GHSA-9347-9w64-q5wp",
  "modified": "2023-08-17T22:33:35Z",
  "published": "2022-05-14T02:05:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2027"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jython/frozen-mirror/commit/053949e66d307168fd70b39725f4d3e6b642acc1"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=947949"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jython/frozen-mirror/blob/b8d7aa4cee50c0c0fe2f4b235dd62922dd0f3f99/NEWS#L25C8-L25C15"
    },
    {
      "type": "WEB",
      "url": "http://advisories.mageia.org/MGASA-2015-0096.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:158"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "type": "PACKAGE",
      "url": "jython/frozen-mirror"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Jython Improper Access Restrictions vulnerability"
}

GHSA-93FW-JJ7X-4XH7

Vulnerability from github – Published: 2022-03-17 00:00 – Updated: 2022-03-24 00:00
VLAI
Details

In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external storage private directories protection due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-200813547

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-39697"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-16T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external storage private directories protection due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-200813547",
  "id": "GHSA-93fw-jj7x-4xh7",
  "modified": "2022-03-24T00:00:39Z",
  "published": "2022-03-17T00:00:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39697"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2022-03-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-93PR-4CPG-PRWH

Vulnerability from github – Published: 2022-03-19 00:00 – Updated: 2022-03-25 00:00
VLAI
Details

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A plug-in may be able to inherit the application's permissions and access user data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22650"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-03-18T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A plug-in may be able to inherit the application\u0027s permissions and access user data.",
  "id": "GHSA-93pr-4cpg-prwh",
  "modified": "2022-03-25T00:00:45Z",
  "published": "2022-03-19T00:00:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22650"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213183"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213184"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213185"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-94FV-WXC5-F8VM

Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2024-04-04 01:54
VLAI
Details

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-6791"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-09T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility.",
  "id": "GHSA-94fv-wxc5-f8vm",
  "modified": "2024-04-04T01:54:42Z",
  "published": "2022-05-24T16:55:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6791"
    },
    {
      "type": "WEB",
      "url": "https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-94W9-FCWH-P5JV

Vulnerability from github – Published: 2024-12-20 06:30 – Updated: 2025-11-04 00:32
VLAI
Details

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-44211"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281",
      "CWE-59"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-20T04:15:05Z",
    "severity": "HIGH"
  },
  "details": "This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.",
  "id": "GHSA-94w9-fcwh-p5jv",
  "modified": "2025-11-04T00:32:15Z",
  "published": "2024-12-20T06:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-44211"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/121564"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Oct/11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-957R-R8GC-VV3H

Vulnerability from github – Published: 2026-04-22 18:31 – Updated: 2026-04-29 23:18
VLAI
Summary
uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries
Details

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and migrations, causing files moved by a privileged user (e.g., root) to become root-owned unexpectedly, which can lead to information disclosure or restricted access for the intended owners.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "coreutils"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.8.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-35351"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-29T23:18:01Z",
    "nvd_published_at": "2026-04-22T17:16:37Z",
    "severity": "MODERATE"
  },
  "details": "The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller\u0027s UID/GID rather than the source\u0027s metadata. This flaw breaks backups and migrations, causing files moved by a privileged user (e.g., root) to become root-owned unexpectedly, which can lead to information disclosure or restricted access for the intended owners.",
  "id": "GHSA-957r-r8gc-vv3h",
  "modified": "2026-04-29T23:18:01Z",
  "published": "2026-04-22T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35351"
    },
    {
      "type": "WEB",
      "url": "https://github.com/uutils/coreutils/issues/9714"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/uutils/coreutils"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "uutils coreutils doesn\u0027t preserve file ownership during moves across different filesystem boundaries"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.