Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2019-19018 LOW

TitanHQ WebTitan <5.18 - Info Disclosure

CVE-2019-17221 HIGH

PhantomJS < 2.1.1 - Arbitrary File Read via XMLHttpRequest for file:// URI

CVE-2019-4398 LOW

IBM Cloud Orchestrator <2.5.0.9, <2.4.0.5 - Info Disclosure

CVE-2019-17112 MEDIUM

Zoho ManageEngine DataSecurity Plus <5.0.1 5012 - Info Disclosure

CVE-2019-0381 MEDIUM

SAP SQL Anywhere <17.0 - Info Disclosure

CVE-2019-17130 MEDIUM

vBulletin <= 5.5.4 - Information Exposure via External URL Handling

CVE-2019-14273 MEDIUM

SilverStripe assets <4.0 - Info Disclosure

CVE-2019-13140 MEDIUM

Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 - Unauthenticated 3DES Key Extraction via JUCI ACL Misconfiguration

CVE-2019-3622 HIGH

McAfee DLPe <11.3.0 - Privilege Escalation

CVE-2019-10930 HIGH

SIPROTEC 5 and DIGSI 5 Engineering Software < V7.90 - Unauthenticated Arbitrary File Access via TCP Port 443

CVE-2019-13404 HIGH

Python < 2.7.16 - Unprotected User Data Exposure via Default Installation Directory

CVE-2019-3569 HIGH

HHVM < 3.30.5 and 4.0-4.8 - Unintended FastCGI Interface Binding

CVE-2019-12375 MEDIUM

Ivanti LANDESK Management Suite <10.0.1.168 - RCE/Info Disclosure

CVE-2019-3811 MEDIUM

sssd < 2.1 - Unintended Home Directory Path Disclosure

CVE-2018-25164 HIGH

EverSync 0.5 - Unauthenticated Arbitrary File Download via Files Directory

CVE-2018-25145 MEDIUM

Microhard Systems IPn4G 1.1.0 - Info Disclosure

CVE-2018-10867 CRITICAL

redhat-certification 7 - Info Disclosure

CVE-2018-10863 HIGH

redhat-certification 7 - Info Disclosure

CVE-2018-9587 HIGH

Android - Local Privilege Escalation

CVE-2018-16946 HIGH

LG Smart Network Camera Firmware 1310250-1508190 - Unauthenticated Sensitive Information Exposure

CVE-2018-10869 HIGH

redhat-certification - Info Disclosure

CVE-2018-5112 HIGH

Firefox < 58 - Privileged Page Access via Extension Development Tools Panel

CVE-2018-1079 HIGH

pacemaker_command_line_interface < 0.9.164 - Authenticated Arbitrary File Write via REST /remote/put_file

CVE-2018-0106 LOW

Cisco Elastic Services Controller - Unauthenticated Sensitive Information Exposure via ConfD Directory Access

CVE-2017-6922 MEDIUM

Drupal Core <8.3.4 & 7.x <7.56 - Auth Bypass

Previous Page 18 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy