CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2025-4465 2025-05-09 HIGH 7.3 A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_schedule. The manipulation…
CVE-2025-4466 2025-05-09 HIGH 7.3 A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. This affects an unknown part of the file /ajax.php?action=save_payment. The manipulation of…
CVE-2025-4471 2025-05-09 MEDIUM 5.3 A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component…
CVE-2025-4472 2025-05-09 MEDIUM 5.3 A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item…
CVE-2025-4480 2025-05-09 MEDIUM 5.3 A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New…
CVE-2025-4481 2025-05-09 HIGH 7.3 A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-result.php. The…
CVE-2025-4482 2025-05-09 HIGH 7.3 A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /change_pass/forgot_password_sql.php. The…
CVE-2021-40438 2021-09-16 CRITICAL 9.0 A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and…
CVE-2025-48050 2025-05-15 HIGH 7.5 In DOMPurify through 3.2.5 before 6bc6d60, scripts/server.js does not ensure that a pathname is located under the current working directory. NOTE: the Supplier disputes the significance of this…
CVE-2024-52880 2025-05-15 HIGH 7.9 An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel…
CVE-2025-30712 2025-04-15 HIGH 8.1 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows high privileged attacker with…
CVE-2022-2720 2022-10-12 MEDIUM 5.3 In affected versions of Octopus Server it was identified that when a sensitive value is a substring of another value, sensitive value masking will only partially work.
CVE-2025-4182 2025-05-01 HIGH 7.3 A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component BELL Command…
CVE-2025-4183 2025-05-01 HIGH 7.3 A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RECV Command Handler. The manipulation leads to…
CVE-2025-4184 2025-05-02 HIGH 7.3 A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component QUOTE Command Handler. The manipulation leads to buffer…
CVE-2025-4236 2025-05-03 HIGH 7.3 A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component MDIR Command Handler.…
CVE-2025-4237 2025-05-03 HIGH 7.3 A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MDELETE Command Handler. The…
CVE-2025-0787 2025-01-28 LOW 3.5 A vulnerability was found in ESAFENET CDG V5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /appDetail.jsp. The manipulation…
CVE-2025-3371 2025-04-07 HIGH 7.3 A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component DELETE Command Handler. The…
CVE-2025-3349 2025-04-07 HIGH 7.3 A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SYST Command Handler. The…
CVE-2025-0788 2025-01-28 MEDIUM 6.3 A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is some unknown functionality of the file /content_top.jsp. The manipulation…
CVE-2025-0786 2025-01-28 MEDIUM 6.3 A vulnerability was found in ESAFENET CDG V5. It has been classified as critical. Affected is an unknown function of the file /appDetail.jsp. The manipulation of the argument…
CVE-2025-0785 2025-01-28 LOW 3.5 A vulnerability was found in ESAFENET CDG V5 and classified as problematic. This issue affects some unknown processing of the file /SysConfig.jsp. The manipulation of the argument help…
CVE-2024-9536 2024-10-05 MEDIUM 6.3 A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is some unknown functionality of the file /MultiServerBackService?path=1. The manipulation…
CVE-2025-3240 2025-04-04 HIGH 7.3 A vulnerability, which was classified as critical, has been found in PHPGurukul Online Fire Reporting System 1.2. Affected by this issue is some unknown functionality of the file…
CVE-2025-3377 2025-04-07 HIGH 7.3 A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component ENC Command Handler. The…
CVE-2025-3376 2025-04-07 HIGH 7.3 A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component CONF Command Handler. The manipulation…
CVE-2025-3375 2025-04-07 HIGH 7.3 A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component CDUP Command Handler. The manipulation…
CVE-2025-3373 2025-04-07 HIGH 7.3 A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component SITE CHMOD Command…
CVE-2025-3372 2025-04-07 HIGH 7.3 A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component MKDIR Command Handler. The manipulation leads…
CVE-2025-4497 2025-05-10 MEDIUM 5.3 A vulnerability was found in code-projects Simple Banking System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the component Sign…
CVE-2025-26492 2025-02-11 HIGH 7.7 In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
CVE-2025-26493 2025-02-11 MEDIUM 4.6 In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab
CVE-2025-31139 2025-03-27 MEDIUM 4.3 In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
CVE-2025-31140 2025-03-27 MEDIUM 4.6 In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page
CVE-2025-31141 2025-03-27 LOW 2.7 In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
CVE-2025-46432 2025-04-25 MEDIUM 4.3 In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs
CVE-2025-46433 2025-04-25 MEDIUM 4.9 In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible
CVE-2025-46618 2025-04-25 LOW 3.5 In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab
CVE-2025-33104 2025-05-14 MEDIUM 4.4 IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2025-2900 2025-05-14 HIGH 7.5 IBM Semeru Runtime 8.0.302.0 through 8.0.442.0, 11.0.12.0 through 11.0.26.0, 17.0.0.0 through 17.0.14.0, and 21.0.0.0 through 12.0.6.0 is vulnerable to a denial of service caused by a buffer overflow…
CVE-2025-0138 2025-05-14 N/A 0.0 Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible…
CVE-2025-0137 2025-05-14 N/A 0.0 An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated…
CVE-2025-0136 2025-05-14 N/A 0.0 Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer to…
CVE-2025-0135 2025-05-14 N/A 0.0 An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect…
CVE-2025-0134 2025-05-14 N/A 0.0 A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating…
CVE-2025-0133 2025-05-14 N/A 0.0 A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of…
CVE-2025-0132 2025-05-14 N/A 0.0 A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM. The attacker must…
CVE-2025-0131 2025-05-14 N/A 0.0 An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative…
CVE-2025-4639 2025-05-14 N/A 0.0 CWE-611 Improper Restriction of XML External Entity Reference in the getDocumentBuilder() method of WebDav servlet in Peergos. This issue affects Peergos through version 1.1.0.