CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-7141 | 2025-07-07 | LOW | 2.4 | A vulnerability classified as problematic was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an… |
| CVE-2025-53478 | 2025-07-07 | MEDIUM | 5.4 | The CheckUser extension’s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered… |
| CVE-2025-6771 | 2025-07-08 | HIGH | 7.2 | OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2,12.4.0.3 and 12.3.0.3 allows a remote authenticated attacker with… |
| CVE-2025-5464 | 2025-07-08 | MEDIUM | 6.5 | Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 allows a local authenticated attacker… |
| CVE-2025-43019 | 2025-07-08 | N/A | 0.0 | A potential security vulnerability has been identified in the HP Support Assistant, which allows a local attacker to escalate privileges… |
| CVE-2025-0293 | 2025-07-08 | MEDIUM | 6.6 | CRLF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated… |
| CVE-2025-0292 | 2025-07-08 | MEDIUM | 5.5 | SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker… |
| CVE-2025-7326 | 2025-07-08 | HIGH | 7.0 | Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. NOTE: This CVE affects only… |
| CVE-2025-7183 | 2025-07-08 | HIGH | 7.3 | A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is… |
| CVE-2025-7182 | 2025-07-08 | MEDIUM | 4.3 | A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0 and classified as problematic. Affected by this vulnerability… |
| CVE-2025-7037 | 2025-07-08 | HIGH | 7.2 | SQL injection in Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a remote authenticated… |
| CVE-2025-6996 | 2025-07-08 | HIGH | 8.4 | Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update… |
| CVE-2025-6995 | 2025-07-08 | HIGH | 8.4 | Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update… |
| CVE-2025-6770 | 2025-07-08 | HIGH | 7.2 | OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2 allows a remote authenticated attacker with high privileges… |
| CVE-2025-5463 | 2025-07-08 | MEDIUM | 5.5 | Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before… |
| CVE-2025-5451 | 2025-07-08 | MEDIUM | 4.9 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a… |
| CVE-2025-5450 | 2025-07-08 | MEDIUM | 6.3 | Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before… |
| CVE-2025-53545 | 2025-07-08 | N/A | 0.0 | Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Users can circumvent 2FA… |
| CVE-2025-53372 | 2025-07-08 | HIGH | 7.5 | node-code-sandbox-mcp is a Node.js–based Model Context Protocol server that spins up disposable Docker containers to execute arbitrary JavaScript. Prior to… |
| CVE-2025-3630 | 2025-07-08 | MEDIUM | 6.4 | IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through… |
| CVE-2025-36600 | 2025-07-08 | HIGH | 8.2 | Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally… |
| CVE-2025-2827 | 2025-07-08 | MEDIUM | 4.3 | IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated… |
| CVE-2025-2793 | 2025-07-08 | MEDIUM | 5.4 | IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through… |
| CVE-2025-24474 | 2025-07-08 | LOW | 2.7 | An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiManager 7.6.0 through 7.6.1,… |
| CVE-2024-55599 | 2025-07-08 | MEDIUM | 5.3 | An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions,… |
| CVE-2024-52965 | 2025-07-08 | HIGH | 7.2 | A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through… |
| CVE-2025-50130 | 2025-07-08 | HIGH | 7.8 | A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening… |
| CVE-2025-27061 | 2025-07-08 | HIGH | 7.8 | Memory corruption while handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
| CVE-2025-27058 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing packet data with exceedingly large packet. |
| CVE-2025-27057 | 2025-07-08 | HIGH | 7.5 | Transient DOS while handling beacon frames with invalid IE header length. |
| CVE-2025-27056 | 2025-07-08 | HIGH | 7.8 | Memory corruption during sub-system restart while processing clean-up to free up resources. |
| CVE-2025-27055 | 2025-07-08 | HIGH | 7.8 | Memory corruption during the image encoding process. |
| CVE-2025-27052 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing data packets in diag received from Unix clients. |
| CVE-2025-27051 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing command message in WLAN Host. |
| CVE-2025-27050 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing event close when client process terminates abruptly. |
| CVE-2025-27047 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing the TESTPATTERNCONFIG escape path. |
| CVE-2025-27046 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing multiple simultaneous escape calls. |
| CVE-2025-27044 | 2025-07-08 | HIGH | 7.8 | Memory corruption while executing timestamp video decode command with large input values. |
| CVE-2025-27043 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing manipulated payload in video firmware. |
| CVE-2025-27042 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing video packets received from video firmware. |
| CVE-2025-21466 | 2025-07-08 | HIGH | 7.8 | Memory corruption while processing a private escape command in an event trigger. |
| CVE-2025-21454 | 2025-07-08 | HIGH | 7.5 | Transient DOS while processing received beacon frame. |
| CVE-2025-21450 | 2025-07-08 | CRITICAL | 9.1 | Cryptographic issue occurs due to use of insecure connection method while downloading. |
| CVE-2025-21449 | 2025-07-08 | HIGH | 7.5 | Transient DOS may occur while processing malformed length field in SSID IEs. |
| CVE-2025-21446 | 2025-07-08 | HIGH | 7.5 | Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests. |
| CVE-2025-21445 | 2025-07-08 | HIGH | 7.8 | Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host. |
| CVE-2025-21444 | 2025-07-08 | HIGH | 7.8 | Memory corruption while copying the result to the transmission queue in EMAC. |
| CVE-2025-21433 | 2025-07-08 | MEDIUM | 6.2 | Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. |
| CVE-2025-21432 | 2025-07-08 | HIGH | 7.8 | Memory corruption while retrieving the CBOR data from TA. |
| CVE-2025-21427 | 2025-07-08 | HIGH | 8.2 | Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. |