Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-41224 2025-07-08 HIGH 8.8 A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.10.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.10.0), RUGGEDCOM…
CVE-2025-41223 2025-07-08 MEDIUM 4.8 A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200…
CVE-2025-41222 2025-07-08 MEDIUM 5.3 A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200…
CVE-2025-40742 2025-07-08 MEDIUM 5.3 A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300)…
CVE-2025-40741 2025-07-08 HIGH 7.8 A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted…
CVE-2025-40740 2025-07-08 HIGH 7.8 A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of…
CVE-2025-40739 2025-07-08 HIGH 7.8 A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of…
CVE-2025-40738 2025-07-08 HIGH 8.8 A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could…
CVE-2025-40737 2025-07-08 HIGH 8.8 A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could…
CVE-2025-40736 2025-07-08 CRITICAL 9.8 A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could…
CVE-2025-40735 2025-07-08 HIGH 8.8 A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to…
CVE-2025-40593 2025-07-08 MEDIUM 6.5 A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP…
CVE-2025-27127 2025-07-08 MEDIUM 4.3 A vulnerability has been identified in TIA Project-Server (All versions < V2.1.1), TIA Project-Server V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated…
CVE-2025-23365 2025-07-08 HIGH 7.8 A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the…
CVE-2025-23364 2025-07-08 MEDIUM 6.2 A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application improperly validates code signing certificates. This could allow an attacker to bypass the…
CVE-2025-21009 2025-07-08 MEDIUM 5.5 Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
CVE-2025-21008 2025-07-08 MEDIUM 5.5 Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
CVE-2025-21007 2025-07-08 MEDIUM 5.5 Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
CVE-2025-21006 2025-07-08 HIGH 7.0 Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory.
CVE-2025-21005 2025-07-08 MEDIUM 5.5 Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information.
CVE-2025-21004 2025-07-08 MEDIUM 6.2 Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.
CVE-2025-21003 2025-07-08 MEDIUM 4.0 Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information.
CVE-2025-21002 2025-07-08 MEDIUM 6.2 Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast.
CVE-2025-21001 2025-07-08 MEDIUM 6.2 Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.
CVE-2025-21000 2025-07-08 MEDIUM 6.2 Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.
CVE-2025-20999 2025-07-08 MEDIUM 4.1 Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.
CVE-2025-20998 2025-07-08 MEDIUM 5.5 Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.
CVE-2025-20997 2025-07-08 MEDIUM 6.2 Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.
CVE-2025-20983 2025-07-08 MEDIUM 6.4 Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-20982 2025-07-08 MEDIUM 6.4 Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2024-31854 2025-07-08 HIGH 8.1 A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the…
CVE-2024-31853 2025-07-08 HIGH 8.1 A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the…
CVE-2023-52236 2025-07-08 HIGH 7.0 A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200…
CVE-2025-7172 2025-07-08 HIGH 7.3 A vulnerability, which was classified as critical, was found in code-projects Crime Reporting System 1.0. This affects an unknown part of the file /headlogin.php. The manipulation of the…
CVE-2025-6744 2025-07-08 HIGH 7.3 The The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.2.3. This is due to the software allowing users…
CVE-2025-7171 2025-07-08 HIGH 7.3 A vulnerability, which was classified as critical, has been found in code-projects Crime Reporting System 1.0. Affected by this issue is some unknown functionality of the file /policelogin.php.…
CVE-2025-7170 2025-07-08 HIGH 7.3 A vulnerability classified as critical was found in code-projects Crime Reporting System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. The manipulation of…
CVE-2025-7169 2025-07-08 HIGH 7.3 A vulnerability classified as critical has been found in code-projects Crime Reporting System 1.0. Affected is an unknown function of the file /complainer_page.php. The manipulation of the argument…
CVE-2025-7168 2025-07-08 HIGH 7.3 A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /userlogin.php. The manipulation…
CVE-2025-38237 2025-07-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() In fimc_is_hw_change_mode(), the function changes camera modes without waiting…
CVE-2025-38236 2025-07-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unix_stream_read_generic(). The following sequences reproduce…
CVE-2025-7346 2025-07-08 N/A 0.0 Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages
CVE-2025-7167 2025-07-08 MEDIUM 6.3 A vulnerability was found in code-projects Responsive Blog Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /category.php. The manipulation of…
CVE-2025-7166 2025-07-08 MEDIUM 6.3 A vulnerability was found in code-projects Responsive Blog Site 1.0. It has been classified as critical. This affects an unknown part of the file /single.php. The manipulation of…
CVE-2025-6746 2025-07-08 HIGH 8.8 The WoodMart plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.2.3 via the 'layout' attribute. This makes it possible for…
CVE-2025-6743 2025-07-08 MEDIUM 6.4 The Woodmart theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'multiple_markers' attribute in all versions up to, and including, 8.2.3 due to insufficient input…
CVE-2025-42956 2025-07-08 MEDIUM 6.1 SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to create a malicious link which they can make publicly available. When an authenticated victim clicks…
CVE-2025-41668 2025-07-08 HIGH 8.8 A low privileged remote attacker with file access can replace a critical file or folder used by the service security-profile to get read, write and execute access to…
CVE-2025-41667 2025-07-08 HIGH 8.8 A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file…
CVE-2025-41666 2025-07-08 HIGH 8.8 A low privileged remote attacker with file access can replace a critical file used by the watchdog to get read, write and execute access to any file on…
« Anterior Página 1012 de 4307 Siguiente »