Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-4110 2025-04-30 MEDIUM 6.3 A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-teacher.php. The manipulation…
CVE-2025-4111 2025-04-30 MEDIUM 6.3 A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/visitor-details.php. The manipulation of…
CVE-2025-4340 2025-05-06 MEDIUM 6.3 A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Affected is the function sub_175C8 of the file /htdocs/soap.cgi. The manipulation leads…
CVE-2025-4112 2025-04-30 HIGH 7.3 A vulnerability was found in PHPGurukul Student Record System 3.20. It has been declared as critical. This vulnerability affects unknown code of the file /add-course.php. The manipulation of…
CVE-2025-4341 2025-05-06 MEDIUM 6.3 A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component…
CVE-2025-4113 2025-04-30 MEDIUM 6.3 A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit-pass-detail.php. The…
CVE-2025-4342 2025-05-06 HIGH 8.8 A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the…
CVE-2025-4343 2025-05-06 HIGH 8.8 A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads…
CVE-2025-46762 2025-05-06 CRITICAL 9.8 Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted…
CVE-2025-4354 2025-05-06 HIGH 8.8 A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to…
CVE-2025-4355 2025-05-06 HIGH 8.8 A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based…
CVE-2025-4356 2025-05-06 HIGH 8.8 A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication…
CVE-2025-4357 2025-05-06 MEDIUM 4.7 A vulnerability was found in Tenda RX3 16.03.13.11_multi. It has been rated as critical. This issue affects some unknown processing of the file /goform/telnet. The manipulation leads to…
CVE-2025-4441 2025-05-08 HIGH 8.8 A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formSetWAN_Wizard534. The manipulation of the argument curTime leads to buffer…
CVE-2025-4442 2025-05-09 HIGH 8.8 A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetWAN_Wizard55. The manipulation of the argument curTime leads to…
CVE-2025-4443 2025-05-09 MEDIUM 6.3 A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rated as critical. This issue affects the function sub_454F2C. The manipulation of the argument sysCmd leads to…
CVE-2025-4445 2025-05-09 MEDIUM 6.3 A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. It…
CVE-2025-4448 2025-05-09 HIGH 8.8 A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The…
CVE-2025-4449 2025-05-09 HIGH 8.8 A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.04B04. This issue affects the function formEasySetupWizard3. The manipulation of the argument wan_connected leads to…
CVE-2025-4300 2025-05-06 HIGH 7.3 A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /search_list.php. The manipulation of the argument…
CVE-2025-4301 2025-05-06 HIGH 7.3 A vulnerability classified as critical was found in itsourcecode Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search-notice.php. The manipulation of…
CVE-2025-4310 2025-05-06 MEDIUM 4.7 A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. This affects an unknown part of the file /admin/add_topic.php?category=BBS. The manipulation of the argument…
CVE-2025-20954 2025-05-07 MEDIUM 5.5 Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering…
CVE-2025-20953 2025-05-07 MEDIUM 5.1 Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN.
CVE-2025-20937 2025-05-07 MEDIUM 6.7 Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-32405 2025-05-07 HIGH 7.5 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious…
CVE-2025-32404 2025-05-07 MEDIUM 4.8 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious…
CVE-2025-32403 2025-05-07 MEDIUM 4.8 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious…
CVE-2025-32402 2025-05-07 HIGH 7.5 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious…
CVE-2025-32401 2025-05-07 MEDIUM 4.8 An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a…
CVE-2025-32400 2025-05-07 HIGH 7.5 An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a…
CVE-2025-32399 2025-05-07 MEDIUM 5.3 An Unchecked Input for Loop Condition in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to cause IO devices that use the library to enter an infinite…
CVE-2025-32398 2025-05-07 HIGH 7.5 A NULL Pointer Dereference in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a…
CVE-2025-32397 2025-05-07 HIGH 7.5 An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a…
CVE-2025-32396 2025-05-07 HIGH 7.5 An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a…
CVE-2025-4368 2025-05-06 HIGH 8.8 A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed…
CVE-2025-4363 2025-05-06 HIGH 7.3 A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=end_membership. The manipulation…
CVE-2025-45492 2025-05-06 CRITICAL 9.8 Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function.
CVE-2025-45491 2025-05-06 CRITICAL 9.8 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
CVE-2025-45490 2025-05-06 CRITICAL 9.8 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
CVE-2025-45489 2025-05-06 CRITICAL 9.8 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter.
CVE-2025-45488 2025-05-06 CRITICAL 9.8 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
CVE-2025-45487 2025-05-06 CRITICAL 9.8 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function.
CVE-2025-23379 2025-05-06 LOW 3.5 Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with adjacent network…
CVE-2025-2657 2025-03-23 HIGH 7.3 A vulnerability classified as critical was found in projectworlds Apartment Visitors Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /front.php. The manipulation…
CVE-2025-22479 2025-05-06 LOW 3.5 Dell Storage Center - Dell Storage Manager, version(s) 20.0.21, contain(s) an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. An unauthenticated attacker with adjacent…
CVE-2025-22478 2025-05-06 HIGH 8.1 Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially…
CVE-2025-22477 2025-05-06 HIGH 8.3 Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to…
CVE-2025-46721 2025-05-13 N/A 0.0 nosurf is cross-site request forgery (CSRF) protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, or…
CVE-2025-46392 2025-05-09 MEDIUM 6.5 Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted…
« Anterior Página 1233 de 4311 Siguiente »