Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-36813 2026-06-09 HIGH 7.5 Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to…
CVE-2026-36806 2026-06-09 HIGH 7.5 Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formModifyWebAuthUser function. This vulnerability allows attackers to…
CVE-2026-36805 2026-06-09 HIGH 7.5 Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow…
CVE-2026-11799 2026-06-09 HIGH 7.5 UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1.
CVE-2026-47641 2026-06-09 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-47640 2026-06-09 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-48574 2026-06-09 HIGH 7.8 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.
CVE-2026-45447 2026-06-09 HIGH 8.8 Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap…
CVE-2026-36721 2026-06-09 CRITICAL 9.8 A lack of cryptographic signature verification in the validateAccessToken function of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token.
CVE-2026-36719 2026-06-09 HIGH 7.5 An information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain sensitive information, including SHA256 password hashes, via enumerating user IDs.
CVE-2026-38615 2026-06-09 CRITICAL 9.8 DedeCMS V5.7.118 is vulnerable to Command Execution in file_manage_control.php.
CVE-2026-24064 2026-06-09 HIGH 7.8 Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime…
CVE-2025-55651 2026-06-09 MEDIUM 5.5 A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVE-2026-48575 2026-06-09 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-48576 2026-06-09 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-48578 2026-06-09 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-47935 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-48583 2026-06-09 HIGH 7.8 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-47936 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-49841 2026-06-09 CRITICAL 9.8 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-49843 2026-06-09 MEDIUM 5.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-49160 2026-06-09 HIGH 7.5 Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.
CVE-2026-49848 2026-06-09 MEDIUM 4.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-49847 2026-06-09 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-49842 2026-06-09 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-49840 2026-06-09 CRITICAL 9.1 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-49475 2026-06-09 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-49472 2026-06-09 MEDIUM 5.3 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-47939 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-45771 2026-06-09 HIGH 7.5 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version…
CVE-2026-47946 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-47945 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47944 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47941 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47947 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-47948 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47949 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47950 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47951 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47990 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47942 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-47991 2026-06-09 MEDIUM 4.3 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by an Improper Redirect (Open Redirect) vulnerability that could lead to account takeover. An attacker could…
CVE-2026-47993 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-48250 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-48251 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-47943 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to…
CVE-2026-48256 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-48258 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-48264 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
CVE-2026-48265 2026-06-09 MEDIUM 5.4 Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the…
« Anterior Página 112 de 4521 Siguiente »