Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-7176 2025-07-08 HIGH 7.3 A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view-medhistory.php.…
CVE-2025-7175 2025-07-08 MEDIUM 6.3 A vulnerability was found in code-projects E-Commerce Site 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the…
CVE-2025-7174 2025-07-08 HIGH 7.3 A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument…
CVE-2025-7165 2025-07-08 HIGH 7.3 A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The…
CVE-2025-7164 2025-07-08 HIGH 7.3 A vulnerability has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php.…
CVE-2025-7149 2025-07-07 MEDIUM 6.3 A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/candidates_delete.php. The manipulation…
CVE-2025-7150 2025-07-07 MEDIUM 6.3 A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/voters_delete.php. The manipulation…
CVE-2025-7151 2025-07-07 MEDIUM 6.3 A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/voters_add.php. The…
CVE-2025-48386 2025-07-08 MEDIUM 6.3 Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential…
CVE-2025-48385 2025-07-08 N/A 0.0 Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a…
CVE-2025-48384 2025-07-08 HIGH 8.0 Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a…
CVE-2025-27369 2025-07-08 MEDIUM 4.3 IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used…
CVE-2025-27367 2025-07-08 MEDIUM 5.3 IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to bypassing of client-side validation for the data types and requiredness of fields for…
CVE-2024-49784 2025-07-08 MEDIUM 5.3 IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote…
CVE-2024-49783 2025-07-08 MEDIUM 5.3 IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database…
CVE-2023-43039 2025-07-08 MEDIUM 6.1 IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality…
CVE-2025-7152 2025-07-08 MEDIUM 6.3 A vulnerability classified as critical has been found in Campcodes Advanced Online Voting System 1.0. Affected is an unknown function of the file /admin/candidates_add.php. The manipulation of the…
CVE-2025-7153 2025-07-08 LOW 3.5 A vulnerability classified as problematic was found in CodeAstro Simple Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor.html of the…
CVE-2025-7363 2025-07-08 N/A 0.0 The TitleIcon extension for MediaWiki is vulnerable to stored XSS through the #titleicon_unicode parser function. User input passed to this function is wrapped in an HtmlArmor object without…
CVE-2025-7362 2025-07-08 N/A 0.0 The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in…
CVE-2025-7189 2025-07-08 MEDIUM 6.3 A vulnerability, which was classified as critical, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /user/send_message.php. The…
CVE-2025-7188 2025-07-08 MEDIUM 6.3 A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality of the file /user/addmember.php. The manipulation of the…
CVE-2025-7140 2025-07-07 LOW 2.4 A vulnerability classified as problematic has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-staff.php of the component Update…
CVE-2025-6044 2025-07-07 MEDIUM 6.1 An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on Lenovo devices allows a physical attacker to bypass the lock screen and…
CVE-2025-53499 2025-07-07 CRITICAL 9.1 : Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7,…
CVE-2025-53498 2025-07-07 MEDIUM 5.3 : Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before…
CVE-2025-53495 2025-07-07 CRITICAL 9.1 Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from…
CVE-2025-53488 2025-07-07 MEDIUM 6.1 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - WikiHiero Extension allows Stored XSS.This issue affects Mediawiki - WikiHiero…
CVE-2025-4663 2025-07-08 N/A 0.0 An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service (DoS). The vulnerability…
CVE-2025-49691 2025-07-08 HIGH 8.0 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.
CVE-2025-47135 2025-07-08 MEDIUM 5.5 Dimension versions 4.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass…
CVE-2025-30312 2025-07-08 HIGH 7.8 Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of…
CVE-2025-0928 2025-07-08 HIGH 8.8 In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without…
CVE-2025-7173 2025-07-08 HIGH 7.3 A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-student.php. The manipulation of the argument…
CVE-2025-7186 2025-07-08 MEDIUM 6.3 A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/fetch_chat.php. The manipulation of…
CVE-2025-7155 2025-07-08 HIGH 7.3 A vulnerability, which was classified as critical, was found in PHPGurukul Online Notes Sharing System 1.0. This affects an unknown part of the file /Dashboard of the component…
CVE-2025-53512 2025-07-08 MEDIUM 6.5 The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could contain sensitive information.
CVE-2025-49760 2025-07-08 LOW 3.5 External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
CVE-2025-49756 2025-07-08 LOW 3.3 Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security feature locally.
CVE-2025-7154 2025-07-08 MEDIUM 6.3 A vulnerability, which was classified as critical, has been found in TOTOLINK N200RE 9.3.5u.6095_B20200916/9.3.5u.6139_B20201216. Affected by this issue is the function sub_41A0F8 of the file /cgi-bin/cstecgi.cgi. The manipulation…
CVE-2025-49753 2025-07-08 HIGH 8.8 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49744 2025-07-08 HIGH 7.0 Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49742 2025-07-08 HIGH 7.8 Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
CVE-2025-49740 2025-07-08 HIGH 8.8 Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-49739 2025-07-08 HIGH 8.8 Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-49738 2025-07-08 HIGH 7.8 Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-49737 2025-07-08 HIGH 7.0 Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally.
CVE-2025-49735 2025-07-08 HIGH 8.1 Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-49733 2025-07-08 HIGH 7.8 Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2025-49732 2025-07-08 HIGH 7.8 Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
« Anterior Página 1007 de 4307 Siguiente »