Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-552 (对外部实体的文件或目录可访问) — Vulnerability Class 198

198 vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-47612 Telit Cinterion BGS5 安全漏洞 — BGS5 6.8 Medium2023-11-09
CVE-2023-31017 CVE — NVIDIA GPU Display driver, vGPU driver, and Cloud gaming driver 7.8 High2023-11-02
CVE-2023-5101 SICK APU 安全漏洞 — APU0200 5.3 Medium2023-10-09
CVE-2023-45160 Elevated Temp Directory Execution in 1E Client — 1E Client 8.8 High2023-10-05
CVE-2023-20235 Cisco IOS XE Software 安全漏洞 — Cisco IOS XE Software 6.5 Medium2023-10-04
CVE-2023-3712 Potential user privilege escalation — PM23/43 6.6 Medium2023-09-12
CVE-2023-4588 File accessibility vulnerability in Delinea Secret Server — Secret Server 6.8 Medium2023-09-06
CVE-2023-4743 Dreamer CMS file access — CMS 3.1 Low2023-09-03
CVE-2023-4475 An Arbitrary File Movement vulnerability was found on the ADM — ADM 7.5 High2023-08-22
CVE-2023-37551 CODESYS Files or Directories Accessible to External Parties in CmpApp — CODESYS Control for BeagleBone SL 6.5 Medium2023-08-03
CVE-2023-32226 Sysaid - CWE-552: Files or Directories Accessible to External Parties — Sysaid 8.3 High2023-07-30
CVE-2023-34316 Delta Electronics InfraSuite Device Master Improper Access Control — Infrasuite Device Master 6.5 Medium2023-07-10
CVE-2023-2538 TLS Private Key Accessible to External Parties — s5552_bmc 5.8 Medium2023-07-05
CVE-2023-32684 In Lima, a malicious disk image could read a single file on the host filesystem as a qcow2/vmdk backing file — lima 2.7 Low2023-05-30
CVE-2023-31064 Apache InLong: Insecurity direct object references cancelling applications — Apache InLong 6.5 -2023-05-22
CVE-2023-31066 Apache InLong: Insecure direct object references for inlong sources — Apache InLong 8.1 -2023-05-22
CVE-2023-2766 Weaver OA jx2_config.ini file access — OA 5.3 Medium2023-05-17
CVE-2023-29107 Siemens SIMATIC Cloud Connect 安全漏洞 — SIMATIC Cloud Connect 7 CC712 5.3 Medium2023-05-09
CVE-2023-1246 Files or Directories Accessible to External Parties in Saysis Starcities — Starcities 7.5 High2023-03-10
CVE-2022-45052 Local File Inclusion in Axiell Iguana CMS — Iguana 8.8 High2023-01-04
CVE-2022-2981 Download Monitor < 4.5.98 - Admin+ Arbitrary File Download — Download Monitor 4.9 -2022-10-10
CVE-2022-39208 Git Repository Disclosure in Onedev — onedev 7.5 High2022-09-13
CVE-2022-1117 glibc 安全特征问题漏洞 — fapolicyd 8.4 -2022-08-29
CVE-2021-3856 Red Hat Keycloak 路径遍历漏洞 — keycloak 4.3 -2022-08-26
CVE-2021-4112 Red Hat Ansible 权限许可和访问控制问题漏洞 — ansible-tower 8.8 -2022-08-25
CVE-2021-3995 util-linux 权限许可和访问控制问题漏洞 — util-linux 5.5 -2022-08-23
CVE-2021-3996 util-linux 权限许可和访问控制问题漏洞 — util-linux 5.5 -2022-08-23
CVE-2022-2392 Lana Downloads Manager < 1.8.0 - Contributor+ Arbitrary File Download — Lana Downloads Manager 6.5 -2022-08-22
CVE-2022-2357 WSM Downloader <= 1.4.0 - Unauthenticated Arbitrary File Download — WSM Downloader 7.5 -2022-08-08
CVE-2022-1585 Project Source Code Download <= 1.0.0 - Unauthenticated Backup Download — WordPress project source code download 7.5 -2022-08-01

Vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.