Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-552 (对外部实体的文件或目录可访问) — Vulnerability Class 198

198 vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-25266 Siemens Tecnomatix Plant Simulation 安全漏洞 — Tecnomatix Plant Simulation V2302 6.8 Medium2025-03-11
CVE-2025-2147 Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System file access — Modern Farm Digital Integrated Management System 5.3 Medium2025-03-10
CVE-2024-48864 File Station 5 — File Station 5 9.1 -2025-03-07
CVE-2025-26525 Arbitrary file read risk through pdfTeX — moodle 8.6 High2025-02-24
CVE-2024-12917 Improper Access Control in Agito Computer's Health4All — Health4All 8.3 High2025-02-24
CVE-2025-23421 Qardio iOS and Android applications Files or Directories Accessible to External Parties — Heart Health IOS Mobile Application 6.4 Medium2025-02-13
CVE-2024-11629 Telerik Document Processing RTF Export of Arbitrary File Path — Progress® Telerik® Document Processing Libraries 7.1 High2025-02-12
CVE-2025-1042 Files or Directories Accessible to External Parties in GitLab — GitLab 4.9 Medium2025-02-12
CVE-2025-0509 Signing Checks Bypass — Sparkle 7.3 High2025-02-04
CVE-2023-29080 Privilege escalation in InstallShield — InstallShield 7.3 -2025-01-30
CVE-2024-47106 IBM Jazz for Service Management information disclosure — Jazz for Service Management 5.3 Medium2025-01-18
CVE-2024-45627 Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability — Apache Linkis Metadata Query Service JDBC 6.5 -2025-01-14
CVE-2024-53649 Siemens SIPROTEC 5 安全漏洞 — SIPROTEC 5 6MD84 (CP300) 6.5 Medium2025-01-14
CVE-2024-47518 Specially constructed queries targeting ETM could discover active remote access sessions — Arista Edge Threat Management 6.4 Medium2025-01-10
CVE-2024-43660 Arbitrary file download using <redacted>.sh — Iocharger firmware for AC models 7.5 -2025-01-09
CVE-2024-54099 Huawei EMUI和Huawei HarmonyOS 安全漏洞 — HarmonyOS 6.7 Medium2024-12-12
CVE-2024-51542 Configuration Download — ASPECT-Enterprise 8.2 High2024-12-05
CVE-2024-53676 Hewlett Packard Enterprise Insight Remote Support 安全漏洞 — HPE Insight Remote Support 9.8 Critical2024-11-27
CVE-2024-10126 Local file inclusion vulnerability in M-Files Server — M-Files Server 4.3AIMediumAI2024-11-20
CVE-2024-31141 Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider — Apache Kafka Clients 6.5AIMediumAI2024-11-19
CVE-2023-20039 Cisco Industrial Network Director File Permissions — Cisco Industrial Network Director 5.5 Medium2024-11-15
CVE-2024-52292 Craft Allows Attackers to Read Arbitrary System Files — cms 7.7 High2024-11-13
CVE-2024-48838 Dell SmartFabric OS10 安全漏洞 — SmartFabric OS10 Software 3.3 Low2024-11-12
CVE-2024-10526 Rapid7 Velociraptor Local Privilege Escalation In Windows Velociraptor Service — Velociraptor 7.8AIHighAI2024-11-07
CVE-2024-49359 ZimaOS vulnerable to Directory Listing via Parameter Manipulation — ZimaOS 7.5 High2024-10-24
CVE-2024-49756 AshPostgres empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability. — ash_postgres 5.3 Medium2024-10-23
CVE-2024-7107 Directory Traversal in National Keep's CyberMath — CyberMath 6.5AIMediumAI2024-09-26
CVE-2024-6878 Directory Browsing in Eliz Software's Panel — Panel 6.5AIMediumAI2024-09-18
CVE-2024-8655 Mercury MNVR816 web-static file access — MNVR816 5.3 Medium2024-09-10
CVE-2024-39581 Dell InsightIQ 安全漏洞 — PowerScale InsightIQ 7.3 High2024-09-10

Vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.