Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-552 (对外部实体的文件或目录可访问) — Vulnerability Class 198

198 vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-33150 IBM Cognos Analytics Certified Containers information disclosure — Cognos Analytics Certified Containers 5.3 Medium2025-11-10
CVE-2025-58152 Century Systems FutureNet MA-X series 安全漏洞 — FutureNet MA-X series 5.3 Medium2025-10-31
CVE-2025-11965 Eclipse Vert.x 安全漏洞 — Vert.x 7.5AIHighAI2025-10-22
CVE-2025-31996 Unprotected files are impacting HCL Unica Platform — Unica Platform 5.3 Medium2025-10-13
CVE-2025-59976 Junos Space: Arbitrary file download vulnerability in web interface — Junos Space 6.5 Medium2025-10-09
CVE-2025-61734 Apache Kylin: improper restriction of file read — Apache Kylin 9.1AICriticalAI2025-10-02
CVE-2025-3025 CCleaner Link Following Local Privilege Escalation Vulnerability — CCleaner 7.3 High2025-09-15
CVE-2025-59054 dstack has insecure LUKS2 persistent storage partitions that may be opened and used — dstack 9.9 -2025-09-12
CVE-2025-9273 CData API Server MySQL Misconfiguration Information Disclosure Vulnerability — API Server 6.5 -2025-09-02
CVE-2025-52460 DOS & CO SS1 安全漏洞 — SS1 7.5 -2025-08-28
CVE-2025-43758 Liferay Portal和Liferay DXP 安全漏洞 — Portal 7.5AIHighAI2025-08-22
CVE-2009-10005 ContentKeeper Web Appliance < 125.10 Arbitrary File Access via mimencode — Web Appliance 7.5AIHighAI2025-08-20
CVE-2025-43749 Liferay Portal和Liferay DXP 安全漏洞 — Portal 7.5AIHighAI2025-08-20
CVE-2025-23276 NVIDIA GPU Display Driver 安全漏洞 — GPU Display Drivers 7.8 High2025-08-02
CVE-2025-30103 Dell SmartFabric OS10 Software 安全漏洞 — SmartFabric OS10 Software 5.5 Medium2025-07-30
CVE-2025-53536 Roo Code allows Potential Remote Code Execution via .vscode/settings.json — Roo-Code 8.1 High2025-07-07
CVE-2025-49797 Brother Industries Multiple driver installers for Windows 安全漏洞 — Multiple driver installers for Windows 7.8AIHighAI2025-06-25
CVE-2024-56731 Gogs deletion of internal files allows remote command execution — gogs 10.0 Critical2025-06-24
CVE-2025-0620 Samba: smbd doesn't pick up group membership changes when re-authenticating an expired smb session 4.9 Medium2025-06-06
CVE-2025-40908 YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified — YAML::LibYAML 7.5 -2025-06-01
CVE-2025-4634 Local File Inclusion — Airpointer 4.1 Medium2025-05-30
CVE-2025-5273 Markdownify MCP Server 安全漏洞 — mcp-markdownify-server 6.5 Medium2025-05-29
CVE-2025-4134 Lack of file validation in Avast Business Antivirus for Linux allows writing untrusted update files — Avast Business Antivirus 7.3 High2025-05-28
CVE-2025-21264 Visual Studio Code Security Feature Bypass Vulnerability — Microsoft Visual Studio Code CoPilot Chat Extension 7.1 High2025-05-13
CVE-2024-4981 Pagure: _update_file_in_git() follows symbolic links in temporary clones 7.6 High2025-05-12
CVE-2025-32819 SonicWALL SMA100 安全漏洞 — SMA100 8.1AIHighAI2025-05-07
CVE-2025-1982 Local File Inclusion in Ready_ — Ready_ 6.5AIMediumAI2025-04-16
CVE-2025-2222 Schneider Electric ConneXium Network Manager 安全漏洞 — ConneXium Network Manager 7.8 High2025-04-09
CVE-2025-22369 Mennekes smart/premium charges systems, Arbitrary file download using ReadFile endpoint — Smart / Premium charging stations 7.5 -2025-03-11
CVE-2025-25267 Siemens Tecnomatix Plant Simulation 安全漏洞 — Tecnomatix Plant Simulation V2302 6.2 Medium2025-03-11

Vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.