CVE-2025-31982 HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directl

HCL BigFix Service Management SM had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality...

CVE-2024-48838

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker...

CVE-2024-41699

Priority – CWE-552: Files or Directories Accessible to External Parties...

CVE-2024-38429 Matrix - CWE-552: Files or Directories Accessible to External Parties

Matrix Tafnit v8 - CWE-552: Files or Directories Accessible to External Parties...

CVE-2024-38429 Matrix - CWE-552: Files or Directories Accessible to External Parties

Matrix Tafnit v8 - CWE-552: Files or Directories Accessible to External Parties...

GHSA-Q5MG-PC7R-R8CR Files or Directories Accessible to External Parties in ProjectDiscovery

Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote attackers to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login...

CVE-2024-5262

Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote attackers to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login...

CVE-2024-5262 ProjectDiscovery Interactsh - Files or Directories Accessible to External Parties

Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote attackers to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login...

CVE-2023-45594

CVE-2023-45594 affects AiLux imx6 bundle earlier than imx6_1.0.7-2. The root cause is a CWE-552 vulnerability in the embedded Chromium browser that could allow a physical attacker to arbitrarily download or upload files to the device’s filesystem, with impacts on confidentiality, integrity, and a...

CVE-2023-5101

Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests...

CVE-2023-3712

CVE-2023-3712 affects Honeywell PM43 printers (32-bit ARM) via Files or Directories Accessible to External Parties in printer web page modules, enabling privilege escalation. Affected are PM43 versions prior to P10.19.050004; remediation advised to update to MR19.5 (e.g., P10.19.050006). The init...

CVE-2023-3712 Potential user privilege escalation

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version...

CVE-2023-3712 Potential user privilege escalation

Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM Printer web page modules allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version...

CVE-2023-32226

CVE-2023-32226 affects SysAid (SysAid IT service management). The issue is described as CWE-552: Files or Directories Accessible to External Parties, allowing an authenticated user to exfiltrate files from the server via an unspecified method. Some sources indicate affected versions are earlier t...

GHSA-3P9P-59QF-MQWH Apache InLong has Files or Directories Accessible to External Parties

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.2.0 through 1.6.0.The user in InLong could cancel an application that doesn't belong to it. Users are advised to upgrade to Apache InLong's 1.7.0 ...

Hardcoded credentials

A CWE-552 "Files or Directories Accessible to External Parties” in the web interface of the Tyan S5552 BMC version 3.00 allows an unauthenticated remote attacker to retrieve the private key of the TLS certificate in use by the BMC via forced browsing. This can then be abused to perform...

CVE-2023-31064 Apache InLong: Insecurity direct object references cancelling applications

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised to upgrade to Apache InLong's 1.7....

CVE-2023-31066 Apache InLong: Insecure direct object references for inlong sources

Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advised to upgrade to Apache InLong's...

CVE-2021-22769

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted...

CVE-2021-22769

A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted...