CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2025-44134 2025-04-24 MEDIUM 6.5 A vulnerability was found in Code-Projects Online Class and Exam Scheduling System 1.0 in the file /Scheduling/pages/class_save.php. Manipulation of parameter class will lead to SQL injection attacks.
CVE-2025-44135 2025-04-24 MEDIUM 6.5 A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in /Scheduling/pages/profile_update.php. Manipulating the parameter username will cause SQL injection attacks.
CVE-2025-41450 2025-05-08 HIGH 8.2 Improper Authentication vulnerability in Danfoss AKSM8xxA Series. This issue affects Danfoss AK-SM 8xxA Series prior to version 4.2
CVE-2025-47899 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47898 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47897 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47896 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47895 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47894 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47893 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47892 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2025-47891 2025-05-14 N/A 0.0 Rejected reason: Not used
CVE-2024-0340 2024-01-09 MEDIUM 4.4 A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating…
CVE-2025-32912 2025-04-14 MEDIUM 6.5 A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.
CVE-2024-52616 2024-11-21 MEDIUM 5.3 A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS…
CVE-2025-0793 2025-01-29 MEDIUM 6.3 A vulnerability has been found in ESAFENET CDG V5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /todoDetail.jsp. The manipulation of…
CVE-2025-0794 2025-01-29 LOW 3.5 A vulnerability was found in ESAFENET CDG V5 and classified as problematic. Affected by this issue is some unknown functionality of the file /todoDetail.jsp. The manipulation of the…
CVE-2025-0795 2025-01-29 LOW 3.5 A vulnerability was found in ESAFENET CDG V5. It has been classified as problematic. This affects an unknown part of the file /todolistjump.jsp. The manipulation of the argument…
CVE-2024-45627 2025-01-14 MEDIUM 5.9 In Apache Linkis
CVE-2024-9020 2025-01-18 MEDIUM 5.4 The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode…
CVE-2024-12321 2025-01-27 HIGH 7.1 The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which…
CVE-2025-4668 2025-05-13 N/A 0.0 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been…
CVE-2025-46421 2025-04-24 MEDIUM 6.8 A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points…
CVE-2025-46420 2025-04-24 MEDIUM 6.5 A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.
CVE-2025-32908 2025-04-14 HIGH 7.5 A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user…
CVE-2022-22128 2022-10-17 CRITICAL 9.8 Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that could allow remote code execution. Tableau only supports product versions for 24 months…
CVE-2022-0699 2022-10-17 CRITICAL 9.8 A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified…
CVE-2019-14841 2022-10-17 HIGH 8.8 A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin…
CVE-2019-14840 2022-10-17 HIGH 7.5 A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials.
CVE-2017-7517 2022-10-17 LOW 3.5 An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project…
CVE-2024-13052 2025-01-27 HIGH 7.1 The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected…
CVE-2024-13116 2025-01-27 LOW 3.8 The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored…
CVE-2024-13117 2025-01-27 MEDIUM 6.5 The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded
CVE-2025-2033 2025-03-06 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /user_dashboard/view_donor.php. The manipulation of…
CVE-2025-2037 2025-03-06 MEDIUM 6.3 A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /user_dashboard/delete_requester.php. The manipulation…
CVE-2025-2038 2025-03-06 HIGH 7.3 A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /upload/. The…
CVE-2025-2039 2025-03-06 MEDIUM 4.7 A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/delete_members.php. The manipulation of the…
CVE-2025-2044 2025-03-06 MEDIUM 4.7 A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file…
CVE-2025-0734 2025-01-27 MEDIUM 4.7 A vulnerability has been found in y_project RuoYi up to 4.8.0 and classified as critical. This vulnerability affects the function getBeanName of the component Whitelist. The manipulation leads…
CVE-2025-2655 2025-03-23 HIGH 7.3 A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. This vulnerability affects the function save_users of the file /classes/Users.php.…
CVE-2025-4120 2025-04-30 HIGH 8.8 A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been classified as critical. Affected is the function sub_4238E8. The manipulation of the argument host leads to buffer…
CVE-2025-4121 2025-04-30 MEDIUM 6.3 A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been declared as critical. Affected by this vulnerability is the function cmd_wireless. The manipulation of the argument host…
CVE-2025-2656 2025-03-23 HIGH 7.3 A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/login.php. The manipulation of the argument…
CVE-2025-4150 2025-05-01 HIGH 8.8 A vulnerability was found in Netgear EX6200 1.0.3.94. It has been declared as critical. This vulnerability affects the function sub_54340. The manipulation of the argument host leads to…
CVE-2025-4173 2025-05-01 MEDIUM 6.3 A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_cart of the file /oews/classes/Master.php?f=delete_cart. The manipulation of…
CVE-2025-4180 2025-05-01 HIGH 7.3 A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component TRACE Command Handler. The manipulation…
CVE-2025-4181 2025-05-01 HIGH 7.3 A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component SEND Command…
CVE-2025-46619 2025-04-30 HIGH 7.6 A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to sensitive files. Depending…
CVE-2025-4108 2025-04-30 HIGH 7.3 A vulnerability, which was classified as critical, was found in PHPGurukul Student Record System 3.20. Affected is an unknown function of the file /add-subject.php. The manipulation of the…
CVE-2025-4109 2025-04-30 MEDIUM 6.3 A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-subadmin.php. The…