Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2025-32466 2025-06-11 N/A 0.0 A SQL injection vulnerability in RSMediaGallery! component 1.7.4 - 2.1.7 for Joomla was discovered. The issue occurs within the dashboard…
CVE-2025-32465 2025-06-11 N/A 0.0 A stored XSS vulnerability in RSTickets! component 1.9.12 - 3.3.0 for Joomla was discovered. It allows attackers to perform cross-site…
CVE-2025-30085 2025-06-11 N/A 0.0 Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was discovered. The issue occurs within the submission…
CVE-2024-35295 2025-06-11 MEDIUM 6.1 A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between…
CVE-2025-49822 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49821 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49820 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49819 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49818 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49817 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49816 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49815 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-49814 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2023-36636 2025-06-12 N/A 0.0 Rejected reason: Not used
CVE-2025-40912 2025-06-11 CRITICAL 9.8 CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode. CryptX embeds the tomcrypt…
CVE-2025-4673 2025-06-11 MEDIUM 6.8 Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
CVE-2025-49150 2025-06-11 MEDIUM 5.9 Cursor is a code editor built for programming with AI. Prior to 0.51.0, by default, the setting json.schemaDownload.enable was set…
CVE-2025-25032 2025-06-11 HIGH 7.5 IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 could allow an authenticated user to…
CVE-2025-40915 2025-06-11 HIGH 7.0 Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates…
CVE-2025-22874 2025-06-11 HIGH 7.5 Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs,…
CVE-2025-0923 2025-06-11 MEDIUM 5.3 IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web…
CVE-2025-0917 2025-06-11 MEDIUM 5.5 IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 is vulnerable to stored cross-site scripting.…
CVE-2025-0913 2025-06-11 MEDIUM 5.5 os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems,…
CVE-2025-6002 2025-06-11 HIGH 7.2 An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files…
CVE-2025-6001 2025-06-11 HIGH 8.3 A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection…
CVE-2025-1699 2025-06-11 LOW 2.8 An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access.
CVE-2025-1698 2025-06-11 LOW 2.8 Null pointer exception vulnerabilities were reported in the fingerprint sensor service that could allow a local attacker to cause a…
CVE-2025-48448 2025-06-11 MEDIUM 6.5 Allocation of Resources Without Limits or Throttling vulnerability in Drupal Admin Audit Trail allows Excessive Allocation.This issue affects Admin Audit…
CVE-2025-48447 2025-06-11 HIGH 7.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Lightgallery allows Cross-Site Scripting (XSS).This issue affects…
CVE-2025-48446 2025-06-11 HIGH 8.8 Incorrect Authorization vulnerability in Drupal Commerce Alphabank Redirect allows Functionality Misuse.This issue affects Commerce Alphabank Redirect: from 0.0.0 before 1.0.3.
CVE-2025-48445 2025-06-11 HIGH 8.8 Incorrect Authorization vulnerability in Drupal Commerce Eurobank (Redirect) allows Functionality Misuse.This issue affects Commerce Eurobank (Redirect): from 0.0.0 before 2.1.1.
CVE-2025-48444 2025-06-11 MEDIUM 5.3 Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0.
CVE-2025-48013 2025-06-11 MEDIUM 5.3 Missing Authorization vulnerability in Drupal Quick Node Block allows Forceful Browsing.This issue affects Quick Node Block: from 0.0.0 before 2.0.0.
CVE-2025-43578 2025-06-10 MEDIUM 5.5 Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure…
CVE-2025-43576 2025-06-10 HIGH 7.8 Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in…
CVE-2025-26383 2025-06-11 N/A 0.0 The iSTAR Configuration Utility (ICU) tool leaks memory, which could result in the unintended exposure of unauthorized data from the…
CVE-2025-49148 2025-06-11 HIGH 7.3 ClipShare is a lightweight and cross-platform tool for clipboard sharing. Prior to 3.8.5, ClipShare Server for Windows uses the default…
CVE-2025-49146 2025-06-11 HIGH 8.2 pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured…
CVE-2025-3473 2025-06-11 MEDIUM 6.7 IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to root due to insecure inherited…
CVE-2025-0163 2025-06-11 MEDIUM 5.3 IBM Security Verify Access Appliance and Docker 10.0 through 10.0.8 could allow a remote attacker to enumerate usernames due to…
CVE-2025-40914 2025-06-11 CRITICAL 9.8 Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version…
CVE-2025-2884 2025-06-10 CRITICAL 9.8 TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature…
CVE-2024-1243 2025-06-11 N/A 0.0 Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the…
CVE-2024-37396 2025-06-10 MEDIUM 5.4 A stored cross-site scripting (XSS) vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web…
CVE-2024-37395 2025-06-10 MEDIUM 5.4 A stored cross-site scripting (XSS) vulnerability in the Public Survey function of REDCap 13.1.9 allows authenticated users to execute arbitrary…
CVE-2024-37394 2025-06-10 MEDIUM 5.4 A stored cross-site scripting (XSS) vulnerability in the Project Dashboards of REDCap 13.1.9 allows authenticated users to execute arbitrary web…
CVE-2025-5986 2025-06-11 MEDIUM 6.5 A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or…
CVE-2025-5959 2025-06-11 HIGH 8.8 Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a…
CVE-2025-5980 2025-06-10 HIGH 7.3 A vulnerability classified as critical was found in code-projects Restaurant Order System 1.0. This vulnerability affects unknown code of the…
CVE-2025-5979 2025-06-10 HIGH 7.3 A vulnerability classified as critical has been found in code-projects School Fees Payment System 1.0. This affects an unknown part…
« Anterior Página 261 de 3495 Siguiente »