Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2025-53645 2025-07-09 HIGH 7.5 Zimbra Collaboration Suite (ZCS) before 9.0.0 Patch 46, 10.0.x before 10.0.15, and 10.1.x before 10.1.9 is vulnerable to a denial…
CVE-2025-44525 2025-07-09 MEDIUM 6.5 Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utilize insufficient permission checks on critical fields within…
CVE-2025-7381 2025-07-09 MEDIUM 5.3 ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By…
CVE-2025-53743 2025-07-09 MEDIUM 5.3 Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not mask Applitools API keys displayed on the job configuration form, increasing…
CVE-2025-53742 2025-07-09 MEDIUM 6.5 Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller,…
CVE-2025-53678 2025-07-09 MEDIUM 6.5 Jenkins User1st uTester Plugin 1.1 and earlier stores the uTester JWT token unencrypted in its global configuration file on the…
CVE-2025-53677 2025-07-09 MEDIUM 5.3 Jenkins Xooa Plugin 0.0.7 and earlier does not mask the Xooa Deployment Token on the global configuration form, increasing the…
CVE-2025-53676 2025-07-09 MEDIUM 6.5 Jenkins Xooa Plugin 0.0.7 and earlier stores the Xooa Deployment Token unencrypted in its global configuration file on the Jenkins…
CVE-2025-53675 2025-07-09 MEDIUM 6.5 Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they…
CVE-2025-53674 2025-07-09 MEDIUM 5.3 Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on the global configuration…
CVE-2025-53673 2025-07-09 MEDIUM 6.5 Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file…
CVE-2025-53672 2025-07-09 MEDIUM 6.5 Jenkins Kryptowire Plugin 0.2 and earlier stores the Kryptowire API key unencrypted in its global configuration file on the Jenkins…
CVE-2025-53671 2025-07-09 MEDIUM 6.5 Jenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the…
CVE-2025-53670 2025-07-09 MEDIUM 6.5 Jenkins Nouvola DiveCloud Plugin 1.08 and earlier stores DiveCloud API Keys and Credentials Encryption Keys unencrypted in job config.xml files…
CVE-2025-53669 2025-07-09 MEDIUM 4.3 Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing…
CVE-2025-53668 2025-07-09 MEDIUM 6.5 Jenkins VAddy Plugin 1.2.8 and earlier stores Vaddy API Auth Keys unencrypted in job config.xml files on the Jenkins controller,…
CVE-2025-53667 2025-07-09 MEDIUM 5.3 Jenkins Dead Man's Snitch Plugin 0.1 does not mask Dead Man's Snitch tokens displayed on the job configuration form, increasing…
CVE-2025-53666 2025-07-09 MEDIUM 6.5 Jenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller,…
CVE-2025-53665 2025-07-09 MEDIUM 4.3 Jenkins Apica Loadtest Plugin 1.10 and earlier does not mask Apica Loadtest LTP authentication tokens displayed on the job configuration…
CVE-2025-53664 2025-07-09 MEDIUM 6.5 Jenkins Apica Loadtest Plugin 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the…
CVE-2025-53663 2025-07-09 MEDIUM 6.5 Jenkins IBM Cloud DevOps Plugin 2.0.16 and earlier stores SonarQube authentication tokens unencrypted in job config.xml files on the Jenkins…
CVE-2025-53662 2025-07-09 MEDIUM 6.5 Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the…
CVE-2025-53661 2025-07-09 MEDIUM 4.3 Jenkins Testsigma Test Plan run Plugin 1.6 and earlier does not mask Testsigma API keys displayed on the job configuration…
CVE-2025-53660 2025-07-09 MEDIUM 4.3 Jenkins QMetry Test Management Plugin 1.13 and earlier does not mask Qmetry Automation API Keys displayed on the job configuration…
CVE-2025-53659 2025-07-09 MEDIUM 6.5 Jenkins QMetry Test Management Plugin 1.13 and earlier stores Qmetry Automation API Keys unencrypted in job config.xml files on the…
CVE-2025-53658 2025-07-09 MEDIUM 5.4 Jenkins Applitools Eyes Plugin 1.16.5 and earlier does not escape the Applitools URL on the build page, resulting in a…
CVE-2025-53657 2025-07-09 MEDIUM 4.3 Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed…
CVE-2025-53656 2025-07-09 MEDIUM 6.5 Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job…
CVE-2025-53655 2025-07-09 MEDIUM 5.3 Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing…
CVE-2025-53654 2025-07-09 MEDIUM 6.5 Jenkins Statistics Gatherer Plugin 2.0.3 and earlier stores the AWS Secret Key unencrypted in its global configuration file on the…
CVE-2025-53653 2025-07-09 MEDIUM 4.3 Jenkins Aqua Security Scanner Plugin 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on…
CVE-2025-53652 2025-07-09 HIGH 8.2 Jenkins Git Parameter Plugin 439.vb_0e46ca_14534 and earlier does not validate that the Git parameter value submitted to the build matches…
CVE-2025-53651 2025-07-09 MEDIUM 6.3 Jenkins HTML Publisher Plugin 425 and earlier displays log messages that include the absolute paths of files archived during the…
CVE-2025-53650 2025-07-09 HIGH 7.3 Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error…
CVE-2025-49604 2025-07-09 MEDIUM 5.4 For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit…
CVE-2025-44526 2025-07-09 MEDIUM 6.5 Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks on critical fields within Bluetooth Low Energy (BLE)…
CVE-2025-44177 2025-07-09 HIGH 8.2 A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated…
CVE-2025-7204 2025-07-09 MEDIUM 6.5 In ConnectWise PSA versions older than 2025.9, a vulnerability exists where authenticated users could gain access to sensitive user information.…
CVE-2025-53753 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-53752 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-53751 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-53750 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-53749 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-53748 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-53747 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-53746 2025-07-10 N/A 0.0 Rejected reason: Not used
CVE-2025-0646 2025-07-09 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-10391 2025-07-09 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-52364 2025-07-09 HIGH 7.5 Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service (telnetd) by default at boot via the…
CVE-2025-53547 2025-07-08 HIGH 8.5 Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a…
« Anterior Página 165 de 3469 Siguiente »