Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-6759 2025-07-08 N/A 0.0 Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows Virtual Delivery Agent for CVAD and Citrix DaaS
CVE-2025-49547 2025-07-08 MEDIUM 5.4 Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts…
CVE-2025-49534 2025-07-08 MEDIUM 5.4 Adobe Experience Manager versions 11.4 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts…
CVE-2025-49533 2025-07-08 CRITICAL 9.8 Adobe Experience Manager (MS) versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation…
CVE-2025-49532 2025-07-08 HIGH 7.8 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the…
CVE-2025-49531 2025-07-08 HIGH 7.8 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-49530 2025-07-08 HIGH 7.8 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
CVE-2025-49529 2025-07-08 HIGH 7.8 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-49528 2025-07-08 HIGH 7.8 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-49527 2025-07-08 HIGH 7.8 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-49526 2025-07-08 HIGH 7.8 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
CVE-2025-49525 2025-07-08 MEDIUM 5.5 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction…
CVE-2025-49524 2025-07-08 MEDIUM 5.5 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash…
CVE-2025-47136 2025-07-08 HIGH 7.8 InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the…
CVE-2025-47134 2025-07-08 HIGH 7.8 InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-47103 2025-07-08 HIGH 7.8 InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-43594 2025-07-08 HIGH 7.8 InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
CVE-2025-43592 2025-07-08 HIGH 7.8 InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-43591 2025-07-08 HIGH 7.8 InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-30313 2025-07-08 MEDIUM 5.5 Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction…
CVE-2025-27203 2025-07-08 CRITICAL 9.6 Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this…
CVE-2025-27165 2025-07-08 MEDIUM 5.5 Substance3D - Stager versions 3.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user…
CVE-2025-7194 2025-07-08 HIGH 8.8 A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the…
CVE-2025-7031 2025-07-08 N/A 0.0 Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Config Pages Viewer: from 0.0.0 before 1.0.4.
CVE-2025-53480 2025-07-08 MEDIUM 5.4 The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending…
CVE-2025-49551 2025-07-08 HIGH 8.8 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability…
CVE-2025-49546 2025-07-08 LOW 2.4 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access Control vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerability…
CVE-2025-49545 2025-07-08 MEDIUM 6.2 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privilege authenticated attacker…
CVE-2025-49544 2025-07-08 MEDIUM 6.8 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a Security feature bypass.…
CVE-2025-49543 2025-07-08 MEDIUM 4.3 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts…
CVE-2025-49542 2025-07-08 MEDIUM 5.2 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit…
CVE-2025-49541 2025-07-08 MEDIUM 4.3 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts…
CVE-2025-49540 2025-07-08 MEDIUM 4.3 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts…
CVE-2025-49539 2025-07-08 MEDIUM 4.5 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a security feature bypass.…
CVE-2025-49538 2025-07-08 HIGH 7.4 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an XML Injection vulnerability that could lead to arbitrary file system read. An attacker can exploit this issue…
CVE-2025-49537 2025-07-08 HIGH 7.9 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead…
CVE-2025-49536 2025-07-08 HIGH 7.3 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this…
CVE-2025-49535 2025-07-08 CRITICAL 9.3 ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a Security feature bypass.…
CVE-2025-43584 2025-07-08 MEDIUM 5.5 Substance3D - Viewer versions 0.22 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user…
CVE-2025-43583 2025-07-08 MEDIUM 5.5 Substance3D - Viewer versions 0.22 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to…
CVE-2025-43582 2025-07-08 HIGH 7.8 Substance3D - Viewer versions 0.22 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-47422 2025-07-08 HIGH 7.5 Advanced Installer before 22.6 has an uncontrolled search path element local privilege escalation vulnerability. When running as SYSTEM in certain configurations, Advanced Installer looks in standard-user writable locations…
CVE-2025-29267 2025-07-08 MEDIUM 6.5 SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build v.PreBeta250F allows a remote attacker to obtain a sensitive information via the cid parameter in the GET…
CVE-2025-37103 2025-07-08 CRITICAL 9.8 Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal device authentication. Successful exploitation could allow a…
CVE-2025-37102 2025-07-08 HIGH 7.2 An authenticated command injection vulnerability exists in the Command line interface of HPE Networking Instant On Access Points. A successful exploitation could allow a remote attacker with elevated…
CVE-2025-7180 2025-07-08 HIGH 7.3 A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation…
CVE-2025-7181 2025-07-08 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in code-projects Staff Audit System 1.0. Affected is an unknown function of the file /test.php. The manipulation of the…
CVE-2025-7179 2025-07-08 HIGH 7.3 A vulnerability classified as critical was found in code-projects Library System 1.0. This vulnerability affects unknown code of the file /add-teacher.php. The manipulation of the argument Username leads…
CVE-2025-7178 2025-07-08 HIGH 7.3 A vulnerability classified as critical has been found in code-projects Food Distributor Site 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument…
CVE-2025-7177 2025-07-08 MEDIUM 4.7 A vulnerability was found in PHPGurukul Car Washing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file…
« Anterior Página 1006 de 4307 Siguiente »