Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2024-55069 2025-05-02 MEDIUM 5.3 ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.
CVE-2024-31578 2024-04-17 HIGH 7.5 FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
CVE-2024-36617 2024-11-29 MEDIUM 6.2 FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
CVE-2025-1594 2025-02-23 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder.…
CVE-2025-1373 2025-02-17 LOW 3.3 A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of…
CVE-2024-7055 2024-08-06 MEDIUM 6.3 A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to…
CVE-2024-34256 2024-05-14 CRITICAL 9.8 OFCMS V1.1.2 is vulnerable to SQL Injection via the new table function.
CVE-2024-31952 2024-05-14 MEDIUM 6.7 An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes.…
CVE-2024-36071 2024-06-20 MEDIUM 6.3 Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of…
CVE-2024-31953 2024-05-14 MEDIUM 6.7 An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an…
CVE-2024-53921 2024-12-03 LOW 2.8 An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link…
CVE-2025-45542 2025-06-02 HIGH 7.3 SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries.
CVE-2024-35369 2024-11-29 MEDIUM 5.5 In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability…
CVE-2024-36619 2024-11-29 MEDIUM 5.3 FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service…
CVE-2024-36618 2024-11-29 MEDIUM 6.2 FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
CVE-2024-36615 2024-11-29 MEDIUM 5.9 FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side…
CVE-2024-36616 2024-11-29 MEDIUM 6.5 An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.
CVE-2024-35366 2024-11-29 CRITICAL 9.1 FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate…
CVE-2024-35367 2024-11-29 CRITICAL 9.1 FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer
CVE-2024-35368 2024-11-29 CRITICAL 9.8 FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.
CVE-2024-35365 2025-01-03 HIGH 8.8 FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function.
CVE-2024-36613 2025-01-03 MEDIUM 6.2 FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined…
CVE-2025-4749 2025-05-16 HIGH 7.5 A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This vulnerability affects the function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler.…
CVE-2025-4746 2025-05-16 HIGH 7.3 A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/purchase_delete.php. The manipulation of…
CVE-2025-4841 2025-05-17 HIGH 8.8 A vulnerability was found in D-Link DCS-932L 2.18.01 and classified as critical. Affected by this issue is the function sub_404780 of the file /bin/gpio. The manipulation of the…
CVE-2025-4759 2025-05-16 HIGH 8.3 Versions of the package lockfile-lint-api before 5.9.2 are vulnerable to Incorrect Behavior Order: Early Validation via the resolved attribute of the package URL validation which can be bypassed…
CVE-2025-4750 2025-05-16 MEDIUM 5.3 A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component…
CVE-2025-4752 2025-05-16 MEDIUM 5.3 A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /install_base.data. The manipulation…
CVE-2025-4753 2025-05-16 MEDIUM 5.3 A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Affected by this issue is some unknown functionality of the file /login.data. The manipulation leads…
CVE-2025-4755 2025-05-16 HIGH 7.3 A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as critical. This affects the function sub_497DE4 of the file /H5/netconfig.asp. The manipulation leads to…
CVE-2025-44172 2025-06-02 MEDIUM 6.5 Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.
CVE-2025-5160 2025-05-26 MEDIUM 4.3 A vulnerability classified as problematic has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected is the function Download of the file /packetCaptureStrategy/download. The manipulation of the…
CVE-2025-5159 2025-05-26 MEDIUM 4.3 A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been rated as problematic. This issue affects the function Download of the file /cfgFile/1/download. The…
CVE-2025-2146 2025-05-26 CRITICAL 9.8 Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product…
CVE-2025-5158 2025-05-25 MEDIUM 4.3 A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been declared as problematic. This vulnerability affects the function downloadSoftware of the file /cfgFile/downloadSoftware. The…
CVE-2025-5157 2025-05-25 MEDIUM 4.3 A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been classified as critical. This affects the function fileContent of the file /cfgFile/fileContent. The manipulation…
CVE-2025-5156 2025-05-25 HIGH 8.8 A vulnerability was found in H3C GR-5400AX up to 100R008 and classified as critical. Affected by this issue is the function EditWlanMacList of the file /routing/goform/aspForm. The manipulation…
CVE-2025-5155 2025-05-25 MEDIUM 6.3 A vulnerability has been found in qianfox FoxCMS 1.2.5 and classified as critical. Affected by this vulnerability is the function batchCope of the file app/admin/controller/Article.php. The manipulation of…
CVE-2025-5135 2025-05-24 LOW 2.4 A vulnerability, which was classified as problematic, has been found in Tmall Demo up to 20250505. Affected by this issue is some unknown functionality of the file /tmall/admin/…
CVE-2025-5134 2025-05-24 LOW 3.5 A vulnerability classified as problematic was found in Tmall Demo up to 20250505. Affected by this vulnerability is an unknown functionality of the component Buy Item Page. The…
CVE-2025-5133 2025-05-24 MEDIUM 4.3 A vulnerability classified as problematic has been found in Tmall Demo up to 20250505. Affected is an unknown function of the component Search Box. The manipulation leads to…
CVE-2025-5131 2025-05-24 MEDIUM 4.7 A vulnerability was found in Tmall Demo up to 20250505. It has been declared as critical. This vulnerability affects the function uploadCategoryImage of the file tmall/admin/uploadCategoryImage. The manipulation…
CVE-2025-46176 2025-05-23 MEDIUM 6.5 Hardcoded credentials in the Telnet service in D-Link DIR-605L v2.13B01 and DIR-816L v2.06B01 allow attackers to remotely execute arbitrary commands via firmware analysis.
CVE-2024-51102 2025-05-23 MEDIUM 4.4 PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/login.php via the username and password parameters.
CVE-2024-51103 2025-05-23 MEDIUM 6.5 PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple SQL injection vulnerabilities at /studentrecordms/password-recovery.php via the emailid and id parameters.
CVE-2024-51099 2025-05-23 MEDIUM 6.1 A reflected cross-site scripting (XSS) vulnerability in the component mcgs/download-medical-cards.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary code in…
CVE-2025-5184 2025-05-26 MEDIUM 4.3 A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified as problematic. Affected is an unknown function of the…
CVE-2025-5183 2025-05-26 LOW 3.5 A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. This issue affects some unknown processing of the component…
CVE-2025-5182 2025-05-26 MEDIUM 4.3 A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as critical. This vulnerability affects unknown code of the component…
CVE-2025-5181 2025-05-26 LOW 3.5 A vulnerability, which was classified as problematic, was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. This affects an unknown part of the file…
« Anterior Página 1112 de 4308 Siguiente »