Fallos del tipo CWE-552
327 resultadosCVE-2024-57452HIGHChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller.FileController, which allows attackers to delete EPSS 0.4%CVE-2025-66389HIGHGitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder (without user approval) via a file-handler URI parameter to feEPSS 0.4%CVE-2019-25239HIGHV-SOL GPON/EPON OLT Platform 2.03 Unauthenticated Configuration DownloadEPSS 0.4%CVE-2024-11629HIGHTelerik Document Processing RTF Export of Arbitrary File PathEPSS 0.4%CVE-2024-5056MEDIUMCWE-552: Files or Directories Accessible to External Parties vulnerability exists which may
prevent user to update the device firmware and pEPSS 0.3%CVE-2025-14771HIGHFile Disclosure in ABB T-MAC Plus web application and in ABB T-MAC plus Server - Default IIS Web SiteEPSS 0.3%CVE-2025-58753MEDIUMcopyparty: Sharing a single file does not fully restrict access to other files in source folderEPSS 0.3%CVE-2023-47612MEDIUMA CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, TelitEPSS 0.3%CVE-2026-4760HIGHPotential unauthorized access to files on the Web HMI server hostEPSS 0.3%CVE-2024-4981HIGHPagure: _update_file_in_git() follows symbolic links in temporary clonesEPSS 0.3%CVE-2023-52112MEDIUMUnauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to EPSS 0.3%CVE-2024-41699MEDIUMPriority – CWE-552: Files or Directories Accessible to External PartiesEPSS 0.3%CVE-2024-51542HIGHConfiguration DownloadEPSS 0.3%CVE-2025-7389HIGHUnauthorized Arbitrary File Read via RMI in AdminServer InterfaceEPSS 0.3%CVE-2024-45894MEDIUMBlueCMS 1.6 suffers from Arbitrary File Deletion via the file_name parameter in an /admin/database.php?act=del request.EPSS 0.3%CVE-2019-3622HIGHDLP Endpoint log file redirection to arbitrary locationsEPSS 0.3%CVE-2025-5273HIGHAll versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdowEPSS 0.3%CVE-2026-33698CRITICALChamilo LMS affected by unauthenticated RCE in main/install folderEPSS 0.3%CVE-2022-40126HIGHA misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arEPSS 0.3%CVE-2025-69428HIGHAn issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories.EPSS 0.3%