Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2022-45129 HIGH

Payara <2022-11-04 - Info Disclosure

CVE-2022-43449 MEDIUM

OpenHarmony <v3.1.2 - Info Disclosure

CVE-2022-41710 MEDIUM

Markdownify 1.4.1 - Info Disclosure

CVE-2022-23738 MEDIUM

GitHub Enterprise Server < 3.2.20 - Unauthorized Private Repository File Access via Cache Key Manipulation

CVE-2022-37424 MEDIUM

OpenNebula <Linux - Info Disclosure

CVE-2022-43414 MEDIUM

Jenkins NUnit Plugin <0.27 - Info Disclosure

CVE-2022-2834 MEDIUM

Helpful WP <4.5.26 - Info Disclosure

CVE-2022-42234 HIGH

UCMS 1.6 - File Inclusion in Template Management Module

CVE-2022-2981 MEDIUM

WordPress Download Monitor <4.5.98 - Privilege Escalation

CVE-2022-40126 HIGH

Clash for Windows <0.19.9 - Privilege Escalation

CVE-2022-3287 MEDIUM

fwupd < 1.8.5 - Unauthenticated Sensitive Information Exposure via Redfish Plugin Configuration

CVE-2022-41343 HIGH

dompdf < 2.0.1 - Remote File Inclusion via @font-face Rule

CVE-2022-39208 HIGH

OneDev < 7.3.0 - Unauthenticated Arbitrary File Read via Project Directory Exposure

CVE-2022-36552 HIGH

Tenda AC6 Firmware < 02.03.01.114 - Unauthenticated Arbitrary File Read via DownloadFlash Endpoint

CVE-2022-1117 HIGH

fapolicyd 1.1.2 - Runtime Linker Detection Bypass Allows Execution

CVE-2022-35235 MEDIUM

XplodedThemes WPide <2.6 - Info Disclosure

CVE-2022-2392 MEDIUM

Lana Downloads Manager <1.8.0 - Info Disclosure

CVE-2022-36306 MEDIUM

AirVelocity <15.18.00.2511 - Info Disclosure

CVE-2022-22490 MEDIUM

IBM Robotic Process Automation <21.0.3 - Info Disclosure

CVE-2022-2357 HIGH

WSM Downloader <1.4.0 - Info Disclosure

CVE-2022-1585 HIGH

WordPress Plugin <1.0.0 - Info Disclosure

CVE-2022-33158 HIGH

Trend Micro VPN Proxy Pro <5.2.1026 - Privilege Escalation

CVE-2022-33901 MEDIUM

MultiSafepay <4.13.1 - Info Disclosure

CVE-2022-31475 MEDIUM

GiveWP <= 2.20.2 - Authenticated Arbitrary File Read via Export Function

CVE-2022-34049 MEDIUM

Wavlink WN530HG4 M30HG4.V5030.191116 - Info Disclosure

Previous Page 12 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy