CVEs classified under CWE-538, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2016-20024 — CVSS 9.8 (critical): ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by…
CVE-2025-12059 — CVSS 9.8 (critical): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo…
CVE-2023-46723 — CVSS 8.9 (high): lte-pic32-writer is a writer for PIC32 devices. In versions 0.0.1 and prior, those who use `sendto.txt` are vulnerable to attackers who…
CVE-2026-49298 — CVSS 8.8 (high): A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed…
CVE-2026-21672 — CVSS 8.8 (high): A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
CVE-2023-7062 — CVSS 8.8 (high): The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4…
CVE-2024-22433 — CVSS 8.8 (high): Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in…
CVE-2026-27173 — CVSS 8.7 (high): JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This…
CVE-2026-23838: Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version…
CVE-2021-4471: TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously…
CVE-2016-15056: Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they…
CVE-2021-40363 — CVSS 7.8 (high): A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All…
CVE-2021-21250 — CVSS 7.7 (high): OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which may lead to arbitrary file…
CVE-2024-22045 — CVSS 7.6 (high): A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.1 SP1). The product places sensitive information…
CVE-2023-54346 — CVSS 7.5 (high): WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download…
CVE-2019-25706 — CVSS 7.5 (high): Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom-0 backup file…
CVE-2020-37104 — CVSS 7.5 (high): ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by…
CVE-2025-61138 — CVSS 7.5 (high): Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/ directory.
CVE-2023-4595 — CVSS 7.5 (high): An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information…
CVE-2018-10590 — CVSS 7.5 (high): In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and…
CVE-2016-10399 — CVSS 7.5 (high): Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed an unauthenticated, remote attacker to read…
CVE-2014-0771 — CVSS 7.5 (high): The BWOCXRUN.BwocxrunCtrl.1 control contains a method named “OpenUrlToBuffer.” This method takes a URL as a parameter and returns its…
CVE-2024-31954 — CVSS 7.3 (high): An issue was discovered in the installer in Samsung Portable SSD for T5 1.6.10 on Windows. Because it is possible to tamper with the…
CVE-2024-6880: During MegaBIP installation process, a user is encouraged to change a default path to administrative portal, as keeping it secret is listed…
CVE-2024-47580 — CVSS 6.8 (medium): An attacker authenticated as an administrator can use an exposed webservice to create a PDF with an embedded attachment. By specifying the…
CVE-2024-47579 — CVSS 6.8 (medium): An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system…
CVE-2025-27017 — CVSS 6.5 (medium): Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that…
CVE-2025-0194 — CVSS 6.5 (medium): An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and…
CVE-2022-44623 — CVSS 6.5 (medium): In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings
CVE-2018-11798 — CVSS 6.5 (medium): The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in…
CVE-2025-36051 — CVSS 6.2 (medium): IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by…
CVE-2025-24689 — CVSS 5.9 (medium): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Javier Carazo Import and export users and…
CVE-2025-31421 — CVSS 5.8 (medium): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Oblak Studio Srbtranslatin srbtranslatin…
CVE-2025-31558 — CVSS 5.8 (medium): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Greg TailPress tailpress allows Retrieve…
CVE-2025-31550 — CVSS 5.8 (medium): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in thom4 WP-LESS wp-less allows Retrieve…
CVE-2025-22633 — CVSS 5.8 (medium): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in StellarWP Give – Divi Donation Modules…
CVE-2025-36372 — CVSS 5.5 (medium): IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive…
CVE-2025-12699 — CVSS 5.5 (medium): The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields (run…
CVE-2025-36058 — CVSS 5.5 (medium): IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0…
CVE-2025-20665 — CVSS 5.5 (medium): In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of…
CVE-2026-33705 — CVSS 5.3 (medium): Chamilo LMS is a learning management system. Prior to 1.11.38, Twig template files (.tpl) under /main/template/default/ are directly…
CVE-2025-11891 — CVSS 5.3 (medium): The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 through…
CVE-2024-51977 — CVSS 5.3 (medium): An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP…
CVE-2025-27150 — CVSS 5.3 (medium): Tuleap is an Open Source Suite to improve management of software developments and collaboration. The password to connect the Redis instance…
CVE-2025-22773 — CVSS 5.3 (medium): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in WP Chill Htaccess File Editor…
CVE-2025-22306 — CVSS 5.3 (medium): Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Spencer Haws Link Whisper Free…
CVE-2024-0191 — CVSS 5.3 (medium): A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown…
CVE-2014-0772 — CVSS 5.0 (medium): The BWOCXRUN.BwocxrunCtrl.1 control contains a method named OpenUrlToBufferTimeout. This method takes a URL as a parameter and returns its…
CVE-2026-50099 — CVSS 4.6 (medium): During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed…
CVE-2022-20864 — CVSS 4.6 (medium): A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could…