Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2022-23316 MEDIUM

taoCMS 3.0.2 - Unauthenticated Arbitrary File Read via Admin Download Path Parameter

CVE-2022-21236 HIGH

Reolink RLC-410W Firmware 3.0.0.136_20121102 - Information Disclosure via Web Server Misconfiguration

CVE-2022-0244 HIGH

GitLab CE/EE <14.5 - Info Disclosure

CVE-2022-22270 MEDIUM

Dialer <SMR Jan-2022 Release 1 - Info Disclosure

CVE-2022-22269 MEDIUM

Keeping sensitive data - Info Disclosure

CVE-2022-22268 MEDIUM

Samsung Knox Guard <SMR Jan-2022 Release 1 - Privilege Escalation

CVE-2022-22267 MEDIUM

ActivityMetricsLogger <SMR Jan-2022 Release 1 - Info Disclosure

CVE-2021-47960 MEDIUM

Synology SSL VPN Client < 1.4.5-0684 - Information Disclosure via Local HTTP Server

CVE-2021-4474 MEDIUM

Ruckus AP CLI Arbitrary File Read Allows Authenticated Remote File Access

CVE-2021-4463 HIGH

Longjing Technology BEMS API <=1.21 - Info Disclosure

CVE-2021-3856 MEDIUM

Keycloak < 15.1.0 - Unauthenticated Arbitrary File Read via Theme Resource Path Traversal

CVE-2021-4112 HIGH

Ansible-Tower - Privilege Escalation

CVE-2021-3996 MEDIUM

util-linux 2.34-2.37.2 - Unauthenticated Filesystem Unmount via libmount Logic Error

CVE-2021-3995 MEDIUM

util-linux 2.34-2.37.2 - Unprivileged FUSE Filesystem Unmount via UID Prefix Match

CVE-2021-3800 MEDIUM

glib < 2.63.6 - Information Disclosure via Charset Alias

CVE-2021-40150 HIGH

E1 Zoom camera <3.0.0.716 - Info Disclosure

CVE-2021-40149 MEDIUM

E1 Zoom Camera <3.0.0.716 - Info Disclosure

CVE-2021-3717 HIGH

Wildfly <17.0 - Privilege Escalation

CVE-2021-42644 MEDIUM

cmseasy V7.7.5_20211012 - Info Disclosure

CVE-2021-32008 CRITICAL

Secomea GateManager <9.6.621421014 - Path Traversal

CVE-2021-25004 MEDIUM

SEUR Oficial WordPress <1.7.2 - Info Disclosure

CVE-2021-44983 MEDIUM

taocms 3.0.1 - Authenticated Arbitrary File Download via File Management Column

CVE-2021-33843 MEDIUM

Fresenius Kabi Agilia SP MC WiFi <vD25 - Info Disclosure

CVE-2021-20148 MEDIUM

ManageEngine ADSelfService Plus <6116 - Info Disclosure

CVE-2021-44315 HIGH

Bus Pass Management System v1.0 - Info Disclosure

Previous Page 14 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy