Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-54170 2026-02-11 N/A 0.0 An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret…
CVE-2025-54169 2026-02-11 N/A 0.0 An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain…
CVE-2025-54163 2026-02-11 N/A 0.0 A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to…
CVE-2025-54162 2026-02-11 N/A 0.0 A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read…
CVE-2025-54161 2026-02-11 N/A 0.0 An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then…
CVE-2025-54155 2026-02-11 N/A 0.0 An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then…
CVE-2025-54152 2026-02-11 N/A 0.0 A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-54151 2026-02-11 N/A 0.0 An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-54150 2026-02-11 N/A 0.0 An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-54149 2026-02-11 N/A 0.0 An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-54148 2026-02-11 N/A 0.0 A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-54147 2026-02-11 N/A 0.0 A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-54146 2026-02-11 N/A 0.0 A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-53598 2026-02-11 N/A 0.0 A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-52870 2026-02-11 N/A 0.0 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory…
CVE-2025-52869 2026-02-11 N/A 0.0 A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory…
CVE-2025-47205 2026-02-11 N/A 0.0 A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the…
CVE-2024-56808 2026-02-11 N/A 0.0 A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can…
CVE-2024-56807 2026-02-11 N/A 0.0 An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret…
CVE-2026-1458 2026-02-11 MEDIUM 6.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have…
CVE-2026-1456 2026-02-11 MEDIUM 6.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause…
CVE-2026-1387 2026-02-11 MEDIUM 6.5 GitLab has remediated an issue in GitLab EE affecting all versions from 15.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated…
CVE-2026-1282 2026-02-11 LOW 3.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an authenticated…
CVE-2026-1094 2026-02-11 MEDIUM 4.6 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes…
CVE-2026-1080 2026-02-11 MEDIUM 4.3 GitLab has remediated an issue in GitLab EE affecting all versions from 16.7 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have…
CVE-2026-0958 2026-02-11 HIGH 7.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated…
CVE-2026-0595 2026-02-11 HIGH 7.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have…
CVE-2025-8099 2026-02-11 HIGH 7.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.8 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have…
CVE-2025-7659 2026-02-11 HIGH 8.0 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated…
CVE-2025-14594 2026-02-11 LOW 3.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have…
CVE-2025-14592 2026-02-11 LOW 3.7 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have…
CVE-2025-14560 2026-02-11 HIGH 7.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have…
CVE-2025-12575 2026-02-11 MEDIUM 5.4 GitLab has remediated an issue in GitLab EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have…
CVE-2025-12073 2026-02-11 MEDIUM 4.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have…
CVE-2025-10174 2026-02-11 HIGH 8.3 Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd. PanCafe Pro allows Flooding.This issue affects PanCafe Pro: from < 3.3.2 through 23092025.
CVE-2026-2295 2026-02-11 MEDIUM 5.3 The WPZOOM Addons for Elementor – Starter Templates & Widgets plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2025-15096 2026-02-11 HIGH 8.8 The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the…
CVE-2026-1885 2026-02-11 MEDIUM 6.4 The Slideshow Wp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sswpid' attribute of the 'sswp-slide' shortcode in all versions up to, and including, 1.1.…
CVE-2026-1853 2026-02-11 MEDIUM 6.4 The BuddyHolis ListSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'listsearch' shortcode in all versions up to, and including, 1.1 due to insufficient…
CVE-2026-1833 2026-02-11 MEDIUM 5.3 The WaMate Confirm – Order Confirmation plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0.1. This is due to the plugin…
CVE-2026-1827 2026-02-11 MEDIUM 6.4 The Flask Micro code-editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's codeflask shortcode in all versions up to, and including, 1.0.0 due to…
CVE-2026-1826 2026-02-11 MEDIUM 6.4 The OpenPOS Lite – Point of Sale for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'width' parameter of the order_qrcode shortcode in all…
CVE-2026-1821 2026-02-11 MEDIUM 6.4 The Microtango plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'restkey' parameter of the mt_reservation shortcode in all versions up to, and including, 0.9.29 due…
CVE-2026-1809 2026-02-11 MEDIUM 6.4 The HTML Tag Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.1 due to insufficient…
CVE-2026-1804 2026-02-11 MEDIUM 6.4 The WDES Responsive Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wdes-popup-title' shortcode in all versions up to, and including, 1.3.6 due to…
CVE-2026-1786 2026-02-11 MEDIUM 6.5 The Twitter posts to Blog plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dg_tw_options' function in all versions…
CVE-2026-1748 2026-02-11 MEDIUM 4.3 The Invoct – PDF Invoices & Billing for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions…
CVE-2026-1560 2026-02-11 HIGH 8.8 The Custom Block Builder – Lazy Blocks plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.0 via multiple functions in…
CVE-2026-1215 2026-02-11 MEDIUM 4.3 The MMA Call Tracking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.15. This is due to missing nonce validation…
CVE-2026-0815 2026-02-11 MEDIUM 4.4 The Category Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tag-image' parameter in all versions up to, and including, 2.0 due to insufficient input…
« Anterior Página 315 de 4236 Siguiente »