Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-26085 2026-02-12 N/A 0.0 Rejected reason: Not used
CVE-2025-52868 2026-02-11 HIGH 8.1 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory…
CVE-2025-48725 2026-02-11 HIGH 8.1 A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-48724 2026-02-11 HIGH 8.1 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory…
CVE-2025-48723 2026-02-11 HIGH 8.1 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory…
CVE-2025-48722 2026-02-11 MEDIUM 6.5 A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-47209 2026-02-11 MEDIUM 6.5 A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-30276 2026-02-11 HIGH 8.8 An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or…
CVE-2025-30269 2026-02-11 HIGH 8.1 A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-30266 2026-02-11 MEDIUM 6.5 A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2026-1837 2026-02-11 N/A 0.0 A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel…
CVE-2026-25084 2026-02-11 CRITICAL 9.8 Authentication for ZLAN5143D can be bypassed by directly accessing internal URLs.
CVE-2026-24789 2026-02-11 CRITICAL 9.8 An unprotected API endpoint allows an attacker to remotely change the device password without providing authentication.
CVE-2025-65127 2026-02-11 N/A 0.0 A lack of session validation in the web API component of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote unauthenticated attackers to access administrative information-retrieval functions intended for…
CVE-2025-13391 2026-02-11 MEDIUM 5.8 The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability…
CVE-2026-25869 2026-02-11 N/A 0.0 MiniGal Nano versions 0.3.5 and prior contain a path traversal vulnerability in index.php via the dir parameter. The application appends user-controlled input to the photos directory and attempts…
CVE-2026-25868 2026-02-11 N/A 0.0 MiniGal Nano version 0.3.5 and prior contain a reflected cross-site scripting (XSS) vulnerability in index.php via the dir parameter. The application constructs $currentdir from user-controlled input and embeds…
CVE-2025-64075 2026-02-11 CRITICAL 10.0 A path traversal vulnerability in the check_token function of Shenzhen Zhibotong Electronics ZBT WE2001 23.09.27 allows remote attackers to bypass authentication and perform administrative actions by supplying a…
CVE-2025-12474 2026-02-11 N/A 0.0 A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound…
CVE-2026-21329 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-21330 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the…
CVE-2026-21318 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
CVE-2026-21319 2026-02-10 MEDIUM 5.5 After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive…
CVE-2026-21320 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-21321 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2026-21322 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of…
CVE-2026-21323 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-21324 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of…
CVE-2026-21325 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of…
CVE-2026-21326 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-21327 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
CVE-2026-21328 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
CVE-2026-21334 2026-02-10 HIGH 7.8 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-21335 2026-02-10 HIGH 7.8 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-21336 2026-02-10 MEDIUM 5.5 Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to…
CVE-2026-21337 2026-02-10 MEDIUM 5.5 Substance3D - Designer versions 15.1.0 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access…
CVE-2026-21338 2026-02-10 MEDIUM 5.5 Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to…
CVE-2026-21339 2026-02-10 MEDIUM 5.5 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose…
CVE-2026-21340 2026-02-10 MEDIUM 5.5 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose…
CVE-2026-21350 2026-02-10 MEDIUM 5.5 After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash…
CVE-2026-21351 2026-02-10 HIGH 7.8 After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-15400 2026-02-11 MEDIUM 6.5 The Pix para Woocommerce WordPress plugin through 2.13.3 allows any authenticated user to trigger AJAX actions that reset payment gateway configuration options without capability or nonce checks. This…
CVE-2026-21343 2026-02-10 HIGH 7.8 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end…
CVE-2026-21344 2026-02-10 HIGH 7.8 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end…
CVE-2026-21345 2026-02-10 HIGH 7.8 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end…
CVE-2026-21346 2026-02-10 HIGH 7.8 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation…
CVE-2026-21347 2026-02-10 HIGH 7.8 Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2026-21342 2026-02-10 HIGH 7.8 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-21341 2026-02-10 HIGH 7.8 Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2026-25728 2026-02-10 N/A 0.0 ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability exists in ClipBucket's avatar and background…
« Anterior Página 309 de 4232 Siguiente »