Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-6899 2025-06-30 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part of the file msp_info.htm. The manipulation of the…
CVE-2025-53415 2025-06-30 HIGH 7.8 Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution
CVE-2025-40734 2025-06-30 N/A 0.0 Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password…
CVE-2025-40733 2025-06-30 N/A 0.0 Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in…
CVE-2025-40732 2025-06-30 N/A 0.0 user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php
CVE-2025-40731 2025-06-30 N/A 0.0 SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pname, pprice and id parameters in…
CVE-2025-6898 2025-06-30 MEDIUM 6.3 A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some unknown functionality of the file in proxy_client.asp. The manipulation…
CVE-2025-6897 2025-06-30 MEDIUM 5.5 A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of the file httpd_debug.asp. The manipulation of the argument…
CVE-2025-38090 2025-06-30 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In riocm_cdev_ioctl(RIO_CM_CHAN_SEND) -> cm_chan_msg_send() -> riocm_ch_send() cm_chan_msg_send() checks that userspace didn't send too…
CVE-2025-38089 2025-06-30 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the…
CVE-2025-38088 2025-06-30 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue.…
CVE-2025-38087 2025-06-30 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical section, a race…
CVE-2025-6896 2025-06-30 MEDIUM 6.3 A vulnerability classified as critical has been found in D-Link DI-7300G+ 19.12.25A1. Affected is an unknown function of the file wget_test.asp. The manipulation of the argument url leads…
CVE-2025-6891 2025-06-30 HIGH 7.3 A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument…
CVE-2025-6890 2025-06-30 MEDIUM 6.3 A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ticketConfirmation.php. The manipulation…
CVE-2025-6889 2025-06-30 HIGH 7.3 A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /logIn.php. The manipulation of…
CVE-2025-6888 2025-06-30 HIGH 7.3 A vulnerability was found in PHPGurukul Teachers Record Management System 2.1. It has been classified as critical. This affects an unknown part of the file /admin/changeimage.php. The manipulation…
CVE-2025-6887 2025-06-30 HIGH 8.8 A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the…
CVE-2025-6886 2025-06-30 HIGH 8.8 A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. The manipulation of…
CVE-2025-6885 2025-06-30 HIGH 7.3 A vulnerability, which was classified as critical, was found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/edit-teacher-detail.php. The manipulation of…
CVE-2025-6884 2025-06-30 MEDIUM 6.3 A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /search_index.php. The manipulation…
CVE-2025-6883 2025-06-30 MEDIUM 6.3 A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /update_index.php. The manipulation of the argument updateid…
CVE-2025-6882 2025-06-30 HIGH 8.8 A vulnerability classified as critical has been found in D-Link DIR-513 1.0. This affects an unknown part of the file /goform/formSetWanPPTP. The manipulation of the argument curTime leads…
CVE-2025-53076 2025-06-30 N/A 0.0 Improper Input Validation vulnerability in Samsung Open Source rLottie allows Overread Buffers.This issue affects rLottie: V0.2.
CVE-2025-53074 2025-06-30 N/A 0.0 Out-of-bounds Read vulnerability in Samsung Open Source rLottie allows Overflow Buffers.This issue affects rLottie: V0.2.
CVE-2025-6881 2025-06-30 HIGH 8.8 A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pppoe_base.asp of the…
CVE-2025-53075 2025-06-30 N/A 0.0 Improper Input Validation vulnerability in Samsung Open Source rLottie allows Path Traversal.This issue affects rLottie: V0.2.
CVE-2025-46014 2025-06-30 HIGH 8.8 Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistant with default or overly permissive security attributes,…
CVE-2025-0634 2025-06-30 N/A 0.0 Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2.
CVE-2025-6880 2025-06-30 MEDIUM 6.3 A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit-tax.php. The manipulation of the…
CVE-2025-6879 2025-06-30 MEDIUM 6.3 A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add-tax.php. The…
CVE-2025-6878 2025-06-30 MEDIUM 6.3 A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/search-appointment.php. The manipulation…
CVE-2025-6877 2025-06-30 MEDIUM 6.3 A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/edit-category.php. The manipulation…
CVE-2025-6876 2025-06-29 MEDIUM 6.3 A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /panel/add-category.php. The…
CVE-2025-6875 2025-06-29 MEDIUM 6.3 A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /panel/edit-subscription.php.…
CVE-2025-6874 2025-06-29 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/add_subscribe.php. The manipulation of…
CVE-2025-6873 2025-06-29 MEDIUM 4.7 A vulnerability, which was classified as critical, has been found in SourceCodester Simple Company Website 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation…
CVE-2025-6872 2025-06-29 MEDIUM 4.7 A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument img…
CVE-2025-6871 2025-06-29 HIGH 7.3 A vulnerability classified as critical has been found in SourceCodester Simple Company Website 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation of the argument…
CVE-2015-20112 2025-06-29 LOW 3.4 RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network.
CVE-2025-6870 2025-06-29 MEDIUM 4.7 A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service.…
CVE-2025-6869 2025-06-29 MEDIUM 4.7 A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/testimonials/manage.php.…
CVE-2025-24292 2025-06-29 MEDIUM 6.8 A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or VPN Server (l2tp and OpenVPN) using a device’s MAC address…
CVE-2025-24290 2025-06-29 CRITICAL 9.9 Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.
CVE-2025-24289 2025-06-29 HIGH 7.5 A Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in the UCRM Client Signup Plugin (v1.3.4 and earlier) could allow privilege escalation if an Administrator is…
CVE-2025-6868 2025-06-29 MEDIUM 4.7 A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/clients/manage.php. The manipulation of…
CVE-2025-6867 2025-06-29 MEDIUM 4.7 A vulnerability was found in SourceCodester Simple Company Website 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/services/manage.php. The manipulation of the…
CVE-2025-53017 2025-06-30 N/A 0.0 Rejected reason: Reason: This candidate was issued in error.
CVE-2025-53001 2025-06-30 N/A 0.0 Rejected reason: Reason: This candidate was issued in error.
CVE-2025-53416 2025-06-30 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
« Anterior Página 1031 de 4307 Siguiente »