CWE-281
AllowedImproper Preservation of Permissions
Abstraction: Base · Status: Draft
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
432 vulnerabilities reference this CWE, most recent first.
GHSA-H9G9-J2C8-V8GV
Vulnerability from github – Published: 2022-06-30 00:00 – Updated: 2022-07-09 00:00MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue.
{
"affected": [],
"aliases": [
"CVE-2022-32969"
],
"database_specific": {
"cwe_ids": [
"CWE-281"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-29T15:15:00Z",
"severity": "MODERATE"
},
"details": "MetaMask before 10.11.3 might allow an attacker to access a user\u0027s secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka the Demonic issue.",
"id": "GHSA-h9g9-j2c8-v8gv",
"modified": "2022-07-09T00:00:21Z",
"published": "2022-06-30T00:00:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32969"
},
{
"type": "WEB",
"url": "https://github.com/MetaMask/metamask-extension/compare/v10.11.2...v10.11.3"
},
{
"type": "WEB",
"url": "https://halborn.com/disclosures/demonic-vulnerability"
},
{
"type": "WEB",
"url": "https://halborn.com/halborn-discovers-critical-vulnerability-affecting-crypto-wallet-browser-extensions"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HCQH-2X7M-P53X
Vulnerability from github – Published: 2022-10-17 19:00 – Updated: 2022-10-19 19:00A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.
{
"affected": [],
"aliases": [
"CVE-2019-14841"
],
"database_specific": {
"cwe_ids": [
"CWE-281"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-10-17T16:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.",
"id": "GHSA-hcqh-2x7m-p53x",
"modified": "2022-10-19T19:00:24Z",
"published": "2022-10-17T19:00:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14841"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2019-14841"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744801"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HG75-J4C9-FV98
Vulnerability from github – Published: 2024-12-07 00:31 – Updated: 2024-12-12 03:32Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl.
{
"affected": [],
"aliases": [
"CVE-2024-41645"
],
"database_specific": {
"cwe_ids": [
"CWE-281"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-06T22:15:20Z",
"severity": "CRITICAL"
},
"details": "Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl.",
"id": "GHSA-hg75-j4c9-fv98",
"modified": "2024-12-12T03:32:59Z",
"published": "2024-12-07T00:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41645"
},
{
"type": "WEB",
"url": "https://github.com/ros-navigation/navigation2/issues/4497"
},
{
"type": "WEB",
"url": "https://github.com/ros-navigation/navigation2/pull/4521"
},
{
"type": "WEB",
"url": "https://github.com/GoesM/ROS-CVE-CNVDs"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HH33-46Q4-HWM2
Vulnerability from github – Published: 2024-11-26 19:58 – Updated: 2024-11-26 21:43Impact
Existing lakeFS users who have issued credentials to users who have been deleted. Creating a new user with the same username, that user will inherit all of the previous user's credentials lakeFS needs to delete user credentials upon user deletion.
Patches
Has the problem been patched? What versions should users upgrade to?
Workarounds
A possible workaround will be not to reuse usernames that were previously deleted
References
Are there any links users can visit to find out more?
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/treeverse/lakefs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.33.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-43784"
],
"database_specific": {
"cwe_ids": [
"CWE-281",
"CWE-287"
],
"github_reviewed": true,
"github_reviewed_at": "2024-11-26T19:58:20Z",
"nvd_published_at": "2024-11-26T21:15:07Z",
"severity": "MODERATE"
},
"details": "### Impact\nExisting lakeFS users who have issued credentials to users who have been deleted.\nCreating a new user with the same username, that user will inherit all of the previous user\u0027s credentials lakeFS needs to delete user credentials upon user deletion.\n\n### Patches\n_Has the problem been patched? What versions should users upgrade to?_\n\n### Workarounds\nA possible workaround will be not to reuse usernames that were previously deleted\n\n### References\n_Are there any links users can visit to find out more?_\n",
"id": "GHSA-hh33-46q4-hwm2",
"modified": "2024-11-26T21:43:45Z",
"published": "2024-11-26T19:58:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/treeverse/lakeFS/security/advisories/GHSA-hh33-46q4-hwm2"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43784"
},
{
"type": "PACKAGE",
"url": "https://github.com/treeverse/lakeFS"
},
{
"type": "WEB",
"url": "https://github.com/treeverse/lakeFS/releases/tag/v1.33.0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion"
}
GHSA-HH56-V5H3-G3F8
Vulnerability from github – Published: 2021-12-16 00:01 – Updated: 2021-12-18 00:01In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-179338675
{
"affected": [],
"aliases": [
"CVE-2021-0704"
],
"database_specific": {
"cwe_ids": [
"CWE-281"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-15T19:15:00Z",
"severity": "MODERATE"
},
"details": "In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-179338675",
"id": "GHSA-hh56-v5h3-g3f8",
"modified": "2021-12-18T00:01:45Z",
"published": "2021-12-16T00:01:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0704"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2021-12-01"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HJJQ-3JJ4-C7C6
Vulnerability from github – Published: 2023-07-06 19:24 – Updated: 2024-04-04 05:31An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.
{
"affected": [],
"aliases": [
"CVE-2022-4139"
],
"database_specific": {
"cwe_ids": [
"CWE-281",
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-01-27T18:15:00Z",
"severity": "HIGH"
},
"details": "An incorrect TLB flush issue was found in the Linux kernel\u2019s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system.",
"id": "GHSA-hjjq-3jj4-c7c6",
"modified": "2024-04-04T05:31:56Z",
"published": "2023-07-06T19:24:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4139"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147572"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230309-0004"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2022/11/30/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HM88-XQXR-4JWR
Vulnerability from github – Published: 2024-06-20 09:30 – Updated: 2024-06-20 09:30There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.
{
"affected": [],
"aliases": [
"CVE-2023-25646"
],
"database_specific": {
"cwe_ids": [
"CWE-281"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-20T07:15:41Z",
"severity": "HIGH"
},
"details": "There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations.",
"id": "GHSA-hm88-xqxr-4jwr",
"modified": "2024-06-20T09:30:59Z",
"published": "2024-06-20T09:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25646"
},
{
"type": "WEB",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1035844"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HMHQ-WHFW-X78Q
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 90.
{
"affected": [],
"aliases": [
"CVE-2021-29971"
],
"database_specific": {
"cwe_ids": [
"CWE-281"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-05T20:15:00Z",
"severity": "CRITICAL"
},
"details": "If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox \u003c 90.",
"id": "GHSA-hmhq-whfw-x78q",
"modified": "2022-05-24T19:10:12Z",
"published": "2022-05-24T19:10:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29971"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1713638"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2021-28"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HQ28-CRG7-95PR
Vulnerability from github – Published: 2026-05-08 22:24 – Updated: 2026-07-02 14:48Impact
An authenticated user with only users.edit permission can escalate their own privileges to admin by sending a PATCH request to /api/v1/users/{id} with permissions[admin]=1. The API controller only strips the superuser key from the permissions array, allowing admin and all other permission keys to be set by any user who can update users.
Patches
Patched in https://github.com/grokability/snipe-it/commit/ce18ff669ceb0f0349749fd5d11c1d3d40b10569, fix was released in v8.4.1
Workarounds
None.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "snipe/snipe-it"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.4.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-44832"
],
"database_specific": {
"cwe_ids": [
"CWE-281",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-08T22:24:45Z",
"nvd_published_at": "2026-05-26T20:16:20Z",
"severity": "HIGH"
},
"details": "### Impact\nAn authenticated user with only `users.edit` permission can escalate their own privileges to `admin` by sending a PATCH request to `/api/v1/users/{id}` with `permissions[admin]=1`. The API controller only strips the `superuser` key from the permissions array, allowing `admin` and all other permission keys to be set by any user who can update users.\n\n### Patches\nPatched in https://github.com/grokability/snipe-it/commit/ce18ff669ceb0f0349749fd5d11c1d3d40b10569, fix was released in v8.4.1\n\n### Workarounds\nNone.",
"id": "GHSA-hq28-crg7-95pr",
"modified": "2026-07-02T14:48:19Z",
"published": "2026-05-08T22:24:45Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/grokability/snipe-it/security/advisories/GHSA-hq28-crg7-95pr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44832"
},
{
"type": "WEB",
"url": "https://github.com/grokability/snipe-it/commit/ce18ff669ceb0f0349749fd5d11c1d3d40b10569"
},
{
"type": "PACKAGE",
"url": "https://github.com/grokability/snipe-it"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Snipe-IT has Privilege Escalation via API Permissions Assignment"
}
GHSA-HQ36-29FH-GRCG
Vulnerability from github – Published: 2021-12-16 00:01 – Updated: 2022-07-13 00:01In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-197749180
{
"affected": [],
"aliases": [
"CVE-2021-1004"
],
"database_specific": {
"cwe_ids": [
"CWE-281"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-15T19:15:00Z",
"severity": "HIGH"
},
"details": "In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-197749180",
"id": "GHSA-hq36-29fh-grcg",
"modified": "2022-07-13T00:01:00Z",
"published": "2021-12-16T00:01:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-1004"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2021-12-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.