CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2025-46593 2025-05-06 MEDIUM 5.1 Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-45567 2025-05-06 HIGH 7.8 Memory corruption while encoding JPEG format.
CVE-2024-45566 2025-05-06 HIGH 7.8 Memory corruption during concurrent buffer access due to modification of the reference count.
CVE-2024-45565 2025-05-06 HIGH 7.8 Memory corruption when blob structure is modified by user-space after kernel verification.
CVE-2024-45564 2025-05-06 HIGH 7.8 Memory corruption during concurrent access to server info object due to incorrect reference count update.
CVE-2024-45563 2025-05-06 MEDIUM 6.6 Memory corruption while handling schedule request in Camera Request Manager (CRM) due to invalid link count in the corresponding session.
CVE-2024-45562 2025-05-06 MEDIUM 6.6 Memory corruption during concurrent access to server info object due to unprotected critical field.
CVE-2024-45554 2025-05-06 HIGH 7.8 Memory corruption during concurrent SSR execution due to race condition on the global maps list.
CVE-2024-45568 2025-05-06 MEDIUM 6.7 Memory corruption due to improper bounds check while command handling in camera-kernel driver.
CVE-2024-45570 2025-05-06 MEDIUM 6.6 Memory corruption may occur during IO configuration processing when the IO port count is invalid.
CVE-2024-24142 2024-02-13 CRITICAL 9.8 Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter.
CVE-2024-21491 2024-02-13 MEDIUM 5.9 Versions of the package svix before 1.17.0 are vulnerable to Authentication Bypass due to an issue in the verify function where signatures of different lengths are incorrectly compared.…
CVE-2024-22024 2024-02-13 HIGH 8.3 An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an…
CVE-2023-52059 2024-02-13 MEDIUM 5.4 A cross-site scripting (XSS) vulnerability in Gestsup v3.2.46 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field.
CVE-2022-3391 2022-10-25 MEDIUM 4.8 The Retain Live Chat WordPress plugin through 0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform…
CVE-2022-3350 2022-10-25 MEDIUM 4.8 The Contact Bank WordPress plugin through 3.0.30 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform…
CVE-2022-3335 2022-10-25 HIGH 7.2 The Kadence WooCommerce Email Designer WordPress plugin before 1.5.7 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import…
CVE-2022-3302 2022-10-25 HIGH 7.2 The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection…
CVE-2022-3300 2022-10-25 HIGH 7.2 The Form Maker by 10Web WordPress plugin before 1.15.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL…
CVE-2022-3247 2022-10-25 MEDIUM 6.5 The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not have authorisation in an AJAX action, and does not ensure that the URL to…
CVE-2022-34870 2022-10-25 MEDIUM 5.4 Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries.
CVE-2022-33185 2022-10-25 HIGH 7.8 Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities…
CVE-2020-26629 2024-01-10 CRITICAL 9.8 A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server.
CVE-2024-45574 2025-05-06 HIGH 7.8 Memory corruption during array access in Camera kernel due to invalid index from invalid command data.
CVE-2024-45575 2025-05-06 HIGH 7.8 Memory corruption Camera kernel when large number of devices are attached through userspace.
CVE-2024-45576 2025-05-06 HIGH 7.8 Memory corruption while processing command buffer in OPE module.
CVE-2024-45577 2025-05-06 HIGH 7.8 Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.
CVE-2025-27132 2025-05-06 LOW 3.8 in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.
CVE-2025-27241 2025-05-06 LOW 3.3 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
CVE-2025-27248 2025-05-06 LOW 3.3 in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through NULL pointer dereference.
CVE-2024-49830 2025-05-06 MEDIUM 6.6 Memory corruption while processing an IOCTL call to set mixer controls.
CVE-2024-49829 2025-05-06 MEDIUM 6.7 Memory corruption can occur during context user dumps due to inadequate checks on buffer length.
CVE-2024-45583 2025-05-06 MEDIUM 6.6 Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.
CVE-2024-45581 2025-05-06 MEDIUM 6.6 Memory corruption while sound model registration for voice activation with audio kernel driver.
CVE-2024-45579 2025-05-06 HIGH 7.8 Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check.
CVE-2024-45578 2025-05-06 HIGH 7.8 Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.
CVE-2024-49841 2025-05-06 HIGH 7.8 Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
CVE-2024-49835 2025-05-06 HIGH 7.8 Memory corruption while reading secure file.
CVE-2024-49842 2025-05-06 HIGH 7.8 Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
CVE-2024-49844 2025-05-06 HIGH 7.8 Memory corruption while triggering commands in the PlayReady Trusted application.
CVE-2024-49845 2025-05-06 HIGH 7.8 Memory corruption during the FRS UDS generation process.
CVE-2024-49846 2025-05-06 HIGH 8.2 Memory corruption while decoding of OTA messages from T3448 IE.
CVE-2024-49847 2025-05-06 HIGH 7.5 Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
CVE-2025-21453 2025-05-06 HIGH 7.8 Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
CVE-2025-21459 2025-05-06 HIGH 7.5 Transient DOS while parsing per STA profile in ML IE.
CVE-2025-21460 2025-05-06 HIGH 7.8 Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.
CVE-2025-21462 2025-05-06 HIGH 7.8 Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
CVE-2025-21467 2025-05-06 HIGH 7.8 Memory corruption while reading the FW response from the shared queue.
CVE-2025-21468 2025-05-06 HIGH 7.8 Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of…
CVE-2025-21469 2025-05-06 HIGH 7.8 Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.