Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2025-23276 HIGH

NVIDIA Installer - Privilege Escalation

CVE-2025-30103 MEDIUM

Dell SmartFabric OS10 <10.6.0.5 - Info Disclosure

CVE-2025-34139 HIGH

Sitecore Experience Manager (XM) 8.0-10.4 - Unauthenticated Arbitrary File Read

CVE-2025-41240 CRITICAL

Bitnami Helm charts - Info Disclosure

CVE-2025-34110 CRITICAL

ColoradoFTP Server < 1.3 Build 8 - Path Traversal

CVE-2025-53536 HIGH

Roo Code <3.22.6 - Command Injection

CVE-2025-49797 HIGH

Multiple Brother, Toshiba Tec, and Ricoh Windows Driver Installers - Privilege Escalation

CVE-2025-0620 MEDIUM

Samba 4.21.0-4.21.5 - Unauthenticated File Share Exposure via Session Reauthentication

CVE-2025-40908 CRITICAL

YAML-LibYAML <0.903.0 - Code Injection

CVE-2025-4634 MEDIUM

Airpointer <2.4.107-2 - Local File Inclusion

CVE-2025-5273 MEDIUM

mcp-markdownify-server - Info Disclosure

CVE-2025-48928 MEDIUM KEV

TeleMessage <2025-05-05 - Info Disclosure

CVE-2025-4134 HIGH

Avast Business Antivirus for Linux <4.5 - Info Disclosure

CVE-2025-45529 HIGH

Siteserver CMS 7.3.1 - Arbitrary File Read via ReadTextAsynchronous Function

CVE-2025-4909 HIGH

SourceCodester Client DBMS 1.0 - Info Disclosure

CVE-2025-4807 MEDIUM

SourceCodester Online Student Clearance System 1.0 - Info Disclosure

CVE-2025-21264 HIGH

Visual Studio Code - Info Disclosure

CVE-2025-32819 HIGH

SonicWall SMA 100/200/210/400/410/500v < 10.2.1.15-81sv Authenticated Arbitrary File Deletion

CVE-2025-1982 HIGH

Ready's Attachment Upload - Path Traversal

CVE-2025-2222 HIGH

Files or Directories Accessible - Info Disclosure

CVE-2025-27147 HIGH

GLPI Inventory Plugin <1.5.0 - Privilege Escalation

CVE-2025-2652 MEDIUM

SourceCodester Employee and Visitor Gate Pass Logging System 1.0 - ...

CVE-2025-2651 MEDIUM

SourceCodester Online Eyewear Shop 1.0 - Info Disclosure

CVE-2025-22369 HIGH

Mennekes Smart/Premium - Info Disclosure

CVE-2025-25267 MEDIUM

Tecnomatix Plant Simulation <V2302.0021, <V2404.0010 - Info Disclosure

Previous Page 4 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy