CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by the NIST institute:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-5306 | 2025-06-27 | N/A | 0.0 | Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778 |
| CVE-2025-4587 | 2025-06-27 | MEDIUM | 6.4 | The A/B Testing for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ab-testing-for-wp/ab-test-block' block in all versions up to, and including, 1.18.2 due… |
| CVE-2025-5526 | 2025-06-27 | N/A | 0.0 | The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user |
| CVE-2025-5194 | 2025-06-27 | N/A | 0.0 | The WP Map Block WordPress plugin before 2.0.3 does not validate and escape some of its block options before outputting them back in a page/post where the block… |
| CVE-2025-41418 | 2025-06-27 | MEDIUM | 5.3 | Buffer Overflow vulnerability exists in multiple versions of TB-eye network recorders and AHD recorders. The CGI process may be terminated abnormally by processing a specially crafted request. |
| CVE-2025-36529 | 2025-06-27 | HIGH | 7.2 | An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD recorders. If this vulnerability is exploited, an arbitrary OS command may be executed… |
| CVE-2025-6753 | 2025-06-27 | MEDIUM | 6.3 | A vulnerability was found in huija bicycleSharingServer 1.0 and classified as critical. This issue affects the function selectAdminByNameLike of the file AdminController.java. The manipulation leads to sql injection.… |
| CVE-2025-6488 | 2025-06-27 | MEDIUM | 6.4 | The isMobile plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ parameter in all versions up to, and including, 1.1.1 due to insufficient input sanitization… |
| CVE-2025-6752 | 2025-06-27 | HIGH | 8.8 | A vulnerability has been found in Linksys WRT1900ACS, EA7200, EA7450 and EA7500 up to 20250619 and classified as critical. This vulnerability affects the function SetDefaultConnectionService of the file… |
| CVE-2025-6751 | 2025-06-27 | HIGH | 8.8 | A vulnerability, which was classified as critical, was found in Linksys E8450 up to 1.2.00.360516. This affects the function set_device_language of the file portal.cgi of the component HTTP… |
| CVE-2025-53166 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53165 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53164 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53163 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53162 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53161 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53160 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53159 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53158 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53157 | 2025-06-27 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47824 | 2025-06-27 | LOW | 2.0 | Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have cleartext storage of code. |
| CVE-2025-47823 | 2025-06-27 | LOW | 2.2 | Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have a hardcoded password for a system. |
| CVE-2025-47822 | 2025-06-27 | MEDIUM | 6.4 | Flock Safety LPR (License Plate Reader) devices with firmware through 2.2 have an on-chip debug interface with improper access control. |
| CVE-2025-47821 | 2025-06-27 | LOW | 2.2 | Flock Safety Gunshot Detection devices before 1.3 have a hardcoded password for a system. |
| CVE-2025-47820 | 2025-06-27 | LOW | 2.0 | Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. |
| CVE-2025-6749 | 2025-06-27 | MEDIUM | 6.3 | A vulnerability classified as critical was found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this vulnerability is the function searchAdminMessageShow of the file AdminController.java. The manipulation of… |
| CVE-2025-6748 | 2025-06-27 | LOW | 2.1 | A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads… |
| CVE-2025-47819 | 2025-06-27 | MEDIUM | 6.4 | Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control. |
| CVE-2025-47818 | 2025-06-27 | LOW | 2.2 | Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection. |
| CVE-2025-6738 | 2025-06-27 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this issue is the function userDao.selectUserByUserNameLike of the file UserServiceImpl.java.… |
| CVE-2025-6736 | 2025-06-27 | MEDIUM | 6.3 | A vulnerability classified as critical was found in juzaweb CMS 3.4.2. Affected by this vulnerability is an unknown functionality of the file /admin-cp/theme/install of the component Add New… |
| CVE-2025-6735 | 2025-06-27 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file /admin-cp/imports of the component Import Page. The manipulation… |
| CVE-2025-6734 | 2025-06-26 | HIGH | 8.8 | A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. This issue affects the function sub_484E40 of the file /goform/formP2PLimitConfig of… |
| CVE-2025-6733 | 2025-06-26 | HIGH | 8.8 | A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been declared as critical. This vulnerability affects the function sub_416928 of the file /goform/formConfigDnsFilterGlobal of… |
| CVE-2025-6732 | 2025-06-26 | HIGH | 8.8 | A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been classified as critical. This affects the function strcpy of the file /goform/setSysAdm of the… |
| CVE-2025-5731 | 2025-06-26 | MEDIUM | 6.2 | A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may… |
| CVE-2015-0849 | 2025-06-26 | N/A | 0.0 | pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability. |
| CVE-2025-52555 | 2025-06-26 | MEDIUM | 6.5 | Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges… |
| CVE-2025-49603 | 2025-06-26 | CRITICAL | 9.1 | Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 has Incorrect Access Control. |
| CVE-2014-7210 | 2025-06-26 | N/A | 0.0 | pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide… |
| CVE-2014-6274 | 2025-06-26 | N/A | 0.0 | git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored… |
| CVE-2013-1440 | 2025-06-26 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| CVE-2025-30131 | 2025-06-26 | CRITICAL | 9.8 | An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a… |
| CVE-2013-1424 | 2025-06-26 | MEDIUM | 5.6 | Buffer overflow vulnerability in matplotlib. This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787. |
| CVE-2025-5995 | 2025-06-26 | N/A | 0.0 | Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29) and earlier contains an improper directory permissions vulnerability. Exploitation of this vulnerability requires administrator access by a… |
| CVE-2025-53122 | 2025-06-26 | N/A | 0.0 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenNMS Horizon and Meridian applications allows SQL Injection. Users should upgrade to Meridian 2024.2.6… |
| CVE-2025-52904 | 2025-06-26 | HIGH | 8.0 | File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0 of… |
| CVE-2025-52903 | 2025-06-26 | HIGH | 8.0 | File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0, the… |
| CVE-2025-51671 | 2025-06-26 | MEDIUM | 5.4 | A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category… |
| CVE-2025-49592 | 2025-06-26 | MEDIUM | 4.6 | n8n is a workflow automation platform. Versions prior to 1.98.0 have an Open Redirect vulnerability in the login flow. Authenticated users can be redirected to untrusted, attacker-controlled domains… |