Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2025-5568 2025-06-07 MEDIUM 6.4 The WpEvently plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and…
CVE-2025-5528 2025-06-07 MEDIUM 6.1 The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share…
CVE-2024-9994 2025-06-07 MEDIUM 6.4 The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable…
CVE-2024-9993 2025-06-07 MEDIUM 6.4 The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable…
CVE-2025-5303 2025-06-07 HIGH 7.2 The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day &…
CVE-2025-5399 2025-06-07 N/A 0.0 Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl…
CVE-2025-5814 2025-06-07 MEDIUM 5.3 The Profiler – What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to…
CVE-2025-47601 2025-06-07 HIGH 8.8 Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through 2.1.0.
CVE-2025-49128 2025-06-06 MEDIUM 4.0 Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and…
CVE-2025-47950 2025-06-06 HIGH 7.5 CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service (DoS) vulnerability exists…
CVE-2025-49127 2025-06-06 N/A 0.0 Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows…
CVE-2025-5797 2025-06-06 LOW 3.5 A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. This issue affects some unknown processing of…
CVE-2025-5799 2025-06-06 HIGH 8.8 A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. Affected by this vulnerability is the…
CVE-2025-5798 2025-06-06 HIGH 8.8 A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of…
CVE-2025-5796 2025-06-06 LOW 3.5 A vulnerability has been found in code-projects Laundry System 1.0 and classified as problematic. This vulnerability affects unknown code of…
CVE-2025-5795 2025-06-06 HIGH 8.8 A vulnerability, which was classified as critical, was found in Tenda AC5 1.0/15.03.06.47. This affects the function fromadvsetlanip of the…
CVE-2025-5794 2025-06-06 HIGH 8.8 A vulnerability, which was classified as critical, has been found in Tenda AC5 15.03.06.47. Affected by this issue is the…
CVE-2025-5481 2025-06-06 HIGH 7.8 Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2025-5480 2025-06-06 HIGH 7.8 Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations…
CVE-2025-5474 2025-06-06 HIGH 7.3 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of…
CVE-2025-5473 2025-06-06 HIGH 7.8 GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on…
CVE-2025-3485 2025-06-06 HIGH 7.2 Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations…
CVE-2025-2766 2025-06-06 HIGH 8.8 70mai A510 Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations…
CVE-2025-5793 2025-06-06 HIGH 8.8 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the…
CVE-2025-5792 2025-06-06 HIGH 8.8 A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing…
CVE-2025-5790 2025-06-06 HIGH 8.8 A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. This vulnerability affects unknown code of the file /boafrm/formIpQoS…
CVE-2025-5789 2025-06-06 HIGH 8.8 A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file…
CVE-2025-49011 2025-06-06 LOW 3.7 SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving…
CVE-2025-5788 2025-06-06 HIGH 8.8 A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some…
CVE-2025-5787 2025-06-06 HIGH 8.8 A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an…
CVE-2025-5786 2025-06-06 HIGH 8.8 A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of…
CVE-2025-49599 2025-06-06 MEDIUM 4.1 Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow the Epuser account to disable…
CVE-2025-5785 2025-06-06 HIGH 8.8 A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the…
CVE-2025-5784 2025-06-06 MEDIUM 6.3 A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown…
CVE-2025-5806 2025-06-06 HIGH 8.0 Jenkins Gatling Plugin 136.vb_9009b_3d33a_e serves Gatling reports in a manner that bypasses the Content-Security-Policy protection introduced in Jenkins 1.641 and…
CVE-2025-5783 2025-06-06 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. This affects an unknown…
CVE-2025-5751 2025-06-06 MEDIUM 4.6 WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to bypass…
CVE-2025-5750 2025-06-06 HIGH 8.8 WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute…
CVE-2025-5749 2025-06-06 MEDIUM 6.3 WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass…
CVE-2025-5748 2025-06-06 HIGH 8.0 WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to…
CVE-2025-5747 2025-06-06 HIGH 8.0 WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers…
CVE-2025-5685 2025-06-05 HIGH 8.8 A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the…
CVE-2025-33035 2025-06-06 N/A 0.0 A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account,…
CVE-2025-33031 2025-06-06 N/A 0.0 An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user…
CVE-2025-30279 2025-06-06 N/A 0.0 An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user…
CVE-2025-29892 2025-06-06 N/A 0.0 An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who…
CVE-2025-29885 2025-06-06 N/A 0.0 An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote…
CVE-2025-29884 2025-06-06 N/A 0.0 An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote…
CVE-2025-29883 2025-06-06 N/A 0.0 An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote…
CVE-2025-29877 2025-06-06 N/A 0.0 A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user…
Página 1 de 3219 Siguiente »