Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2017-2621 MEDIUM

OpenStack Orchestration <8.0.0, 6.1.0, 7.0.2 - Info Disclosure

CVE-2017-2622 MEDIUM

OpenStack Workflow - Info Disclosure

CVE-2017-1602 MEDIUM

IBM Rational Collaborative Lifecycle Management 5.0-6.0 - Authenticated Unauthorized Access via Crafted URL

CVE-2017-15104 HIGH

Heketi < 5.0.1 - Unauthorized Sensitive Information Exposure via World-Readable Configuration File

CVE-2017-12079 HIGH

Synology Photo Station <6.8.1-3458, <6.3-2970 - Info Disclosure

CVE-2017-16651 HIGH KEV

Roundcube Webmail <1.1.10, 1.2.x <1.2.7, 1.3.x <1.3.3 - Arbitrary File Access

CVE-2017-7079 MEDIUM

iTunes < 12.7 - Unauthorized iOS Backup Access via Data Sync Component

CVE-2017-11829 MEDIUM

Microsoft Windows 10 - Privilege Escalation

CVE-2017-14942 CRITICAL

Intelbras WRN 150 - Authentication Bypass

CVE-2017-2551 HIGH

Wordpress plugin BackWPup <3.4.2 - Info Disclosure

CVE-2017-10930 CRITICAL

ZXR10 1800-2S <3.00.40 - Privilege Escalation

CVE-2017-6774 MEDIUM

Cisco ASR 5000 - Privilege Escalation

CVE-2017-7737 MEDIUM

Fortinet FortiWeb <5.8.2 - Info Disclosure

CVE-2017-11746 HIGH

Tenshi 0.15 - Arbitrary Process Termination via PID File Manipulation

CVE-2017-1308 MEDIUM

IBM Daeja ViewONE <5.0 - Info Disclosure

CVE-2016-20025 HIGH

ZKTeco ZKAccess Professional 3.5.3 Privilege Escalation via Insecure Permissions

CVE-2016-10829 MEDIUM

cPanel <55.9999.141 - Info Disclosure

CVE-2016-3715 MEDIUM KEV

ImageMagick <6.9.3-10, <7.0.1-1 - Remote Code Execution

CVE-2015-4715 MEDIUM

ownCloud Server <6.0.8, <7.0.6, <8.0.4 - Info Disclosure

CVE-2015-5211 CRITICAL

Spring Framework <4.2.1, 3.2.14 - RFD

CVE-2015-1350 MEDIUM

Linux Kernel 3.0-3.19.7 - Local Denial of Service via VFS setattr Capability Stripping

CVE-2009-10005 HIGH

ContentKeeper Web Appliance <125.10 - Path Traversal

Digitaldesign CMS 0.1 - Info Disclosure

nextweb (i)site - Unauthenticated Sensitive Information Exposure via Direct Database Request

Previous Page 19 of 19

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy