Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2025-5268 2025-05-27 MEDIUM 6.5 Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed…
CVE-2025-5269 2025-05-27 MEDIUM 6.5 Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we…
CVE-2021-29505 2021-05-28 HIGH 7.5 XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17…
CVE-2021-21265 2021-03-10 MEDIUM 6.8 October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when…
CVE-2025-47497 2025-05-07 MEDIUM 6.5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themepoints Logo Showcase allows DOM-Based XSS. This issue…
CVE-2020-15187 2020-09-17 LOW 3.0 In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last…
CVE-2025-30224 2025-04-01 N/A 0.0 MyDumper is a MySQL Logical Backup Tool. The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary…
CVE-2025-39349 2025-05-19 CRITICAL 9.8 Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object Injection.This issue affects CiyaShop: from n/a through 4.18.0.
CVE-2025-39348 2025-05-19 CRITICAL 9.8 Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant WordPress allows Object Injection.This issue affects Grand Restaurant WordPress: from n/a…
CVE-2022-34715 2022-08-09 CRITICAL 9.8 Windows Network File System Remote Code Execution Vulnerability
CVE-2022-34714 2022-08-09 HIGH 8.1 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-34712 2022-08-09 MEDIUM 5.5 Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-34710 2022-08-09 MEDIUM 5.5 Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-34709 2022-08-09 MEDIUM 6.0 Windows Defender Credential Guard Security Feature Bypass Vulnerability
CVE-2022-34708 2022-08-09 MEDIUM 5.5 Windows Kernel Information Disclosure Vulnerability
CVE-2025-32928 2025-05-19 CRITICAL 9.8 Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2.
CVE-2025-32927 2025-05-19 CRITICAL 9.8 Deserialization of Untrusted Data vulnerability in Chimpstudio FoodBakery allows Object Injection.This issue affects FoodBakery: from n/a through 3.3.
CVE-2025-48256 2025-05-19 MEDIUM 6.5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS.…
CVE-2025-48255 2025-05-19 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross…
CVE-2025-48254 2025-05-19 MEDIUM 6.5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for…
CVE-2025-48253 2025-05-19 MEDIUM 6.5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free…
CVE-2023-48324 2024-12-09 MEDIUM 5.4 Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome…
CVE-2023-49757 2024-12-09 MEDIUM 5.4 Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome…
CVE-2023-49857 2024-12-09 MEDIUM 6.5 Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome…
CVE-2023-51356 2024-05-17 HIGH 8.8 Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVE-2023-47837 2024-06-04 HIGH 8.3 Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVE-2023-45760 2025-01-02 MEDIUM 4.3 Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a…
CVE-2024-30222 2024-03-28 HIGH 8.5 Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVE-2024-30223 2024-03-28 CRITICAL 9.0 Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVE-2024-35283 2024-05-29 MEDIUM 6.1 A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct…
CVE-2024-35284 2024-05-29 MEDIUM 5.4 A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to…
CVE-2024-36042 2024-06-03 CRITICAL 9.8 Silverpeas before 6.3.5 allows authentication bypass by omitting the Password field to AuthenticationServlet, often providing an unauthenticated user with superadmin…
CVE-2024-4180 2024-06-04 CRITICAL 9.1 The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX.
CVE-2024-4274 2024-06-04 MEDIUM 4.3 The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the…
CVE-2023-46310 2024-06-04 MEDIUM 5.3 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This…
CVE-2024-4273 2024-06-04 MEDIUM 6.4 The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ere_property_map' shortcode in all…
CVE-2023-51667 2024-06-04 MEDIUM 5.3 Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained…
CVE-2024-32715 2024-06-09 MEDIUM 5.3 Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a…
CVE-2024-36302 2024-06-10 HIGH 7.8 An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges…
CVE-2023-46309 2025-01-02 MEDIUM 5.3 Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a…
CVE-2022-35772 2022-08-09 HIGH 7.2 Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-35771 2022-08-09 HIGH 7.8 Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-35769 2022-08-09 HIGH 7.5 Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
CVE-2022-35768 2022-08-09 HIGH 7.8 Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-35767 2022-08-09 HIGH 8.1 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35766 2022-08-09 HIGH 8.1 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35765 2022-08-09 HIGH 7.8 Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35764 2022-08-09 HIGH 7.8 Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35763 2022-08-09 HIGH 7.8 Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35762 2022-08-09 HIGH 7.8 Storage Spaces Direct Elevation of Privilege Vulnerability
« Anterior Página 339 de 3515 Siguiente »