Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-6167 2025-06-17 MEDIUM 5.5 A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function create_workflow of the file python_a2a/agent_flow/server/api.py. The manipulation leads to path…
CVE-2025-6166 2025-06-17 LOW 3.5 A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation…
CVE-2025-6165 2025-06-17 HIGH 8.8 A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formTmultiAP of the component HTTP POST…
CVE-2025-6164 2025-06-17 HIGH 8.8 A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been classified as critical. This affects an unknown part of the file /boafrm/formMultiAP of the component HTTP POST…
CVE-2025-5209 2025-06-17 MEDIUM 4.8 The Ivory Search WordPress plugin before 5.5.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site…
CVE-2025-6163 2025-06-17 HIGH 8.8 A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formMultiAP of the component HTTP…
CVE-2025-6162 2025-06-17 HIGH 8.8 A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component…
CVE-2025-6161 2025-06-17 HIGH 7.3 A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of…
CVE-2025-6160 2025-06-17 HIGH 7.3 A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create_order.php. The…
CVE-2025-6159 2025-06-17 HIGH 7.3 A vulnerability classified as critical was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /allocate_room.php. The manipulation of the argument search_box…
CVE-2025-6158 2025-06-17 HIGH 8.8 A vulnerability classified as critical has been found in D-Link DIR-665 1.00. This affects the function sub_AC78 of the component HTTP POST Request Handler. The manipulation leads to…
CVE-2025-6157 2025-06-17 HIGH 7.3 A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the…
CVE-2025-6156 2025-06-17 MEDIUM 6.3 A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the…
CVE-2025-6155 2025-06-17 HIGH 7.3 A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of…
CVE-2025-6154 2025-06-17 HIGH 7.3 A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of the…
CVE-2025-6153 2025-06-17 HIGH 7.3 A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the…
CVE-2025-49823 2025-06-17 NONE 0.0 (conda) Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (user_prefix)…
CVE-2025-6152 2025-06-17 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in Steel Browser up to 0.1.3. This affects the function handleFileUpload of the file api/src/modules/files/files.routes.ts. The manipulation of the…
CVE-2025-5673 2025-06-17 MEDIUM 6.5 The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the ‘prgSortPostType’ parameter in all versions up to, and including, 8.4.4…
CVE-2025-4775 2025-06-17 MEDIUM 6.4 The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-button-label HTML attribute in all versions up to, and…
CVE-2025-3774 2025-06-17 HIGH 7.2 The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input…
CVE-2025-6151 2025-06-17 HIGH 8.8 A vulnerability, which was classified as critical, has been found in TP-Link TL-WR940N V4. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation…
CVE-2025-6150 2025-06-17 HIGH 8.8 A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAP of the component HTTP POST…
CVE-2025-6149 2025-06-17 HIGH 8.8 A vulnerability classified as critical has been found in TOTOLINK A3002R 4.0.0-B20230531.1404. Affected is an unknown function of the file /boafrm/formSysLog of the component HTTP POST Request Handler.…
CVE-2025-6148 2025-06-17 HIGH 8.8 A vulnerability was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formSysLog of the component HTTP…
CVE-2025-6147 2025-06-17 HIGH 8.8 A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been declared as critical. This vulnerability affects unknown code of the file /boafrm/formSysLog of the component HTTP POST…
CVE-2025-48993 2025-06-17 N/A 0.0 Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a malicious JavaScript payload can be executed via the Look and Feel…
CVE-2025-6146 2025-06-17 HIGH 8.8 A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. This affects an unknown part of the file /boafrm/formSysLog of the component HTTP POST…
CVE-2025-6145 2025-06-16 HIGH 8.8 A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formSysLog of the component HTTP…
CVE-2025-6144 2025-06-16 HIGH 8.8 A vulnerability has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formSysCmd of the component…
CVE-2025-6143 2025-06-16 HIGH 8.8 A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formNtp of the component HTTP POST Request…
CVE-2025-48992 2025-06-16 N/A 0.0 Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a stored and blind cross-site scripting (XSS) vulnerability exists in the Name…
CVE-2025-6142 2025-06-16 MEDIUM 6.3 A vulnerability was found in Intera InHire up to 20250530. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the…
CVE-2025-6141 2025-06-16 LOW 3.3 A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads…
CVE-2025-6140 2025-06-16 LOW 3.3 A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scoped_padder in the library include/spdlog/pattern_formatter-inl.h. The manipulation leads to resource…
CVE-2025-27587 2025-06-16 N/A 0.0 OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API,…
CVE-2025-6138 2025-06-16 HIGH 8.8 A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST…
CVE-2025-43200 2025-06-16 MEDIUM 4.8 This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iPadOS…
CVE-2025-6179 2025-06-16 CRITICAL 9.8 Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions…
CVE-2025-3494 2025-06-17 N/A 0.0 Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue.
CVE-2025-3493 2025-06-17 N/A 0.0 Rejected reason: This CVE ID has been rejected by its CNA as it was not a security issue.
CVE-2025-52445 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52444 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52443 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52442 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52441 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52440 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52439 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52438 2025-06-17 N/A 0.0 Rejected reason: Not used
CVE-2025-52437 2025-06-17 N/A 0.0 Rejected reason: Not used
« Anterior Página 1067 de 4308 Siguiente »