CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2022-36934 2022-09-22 CRITICAL 9.8 An integer overflow in WhatsApp could result in remote code execution in an established video call.
CVE-2022-40447 2022-09-22 HIGH 7.2 ZZCMS 2022 was discovered to contain a SQL injection vulnerability via the keyword parameter at /admin/baojia_list.php.
CVE-2022-40446 2022-09-22 HIGH 7.2 ZZCMS 2022 was discovered to contain a SQL injection vulnerability via the component /admin/sendmailto.php?tomail=&groupid=.
CVE-2022-35039 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e20a0.
CVE-2022-35038 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b064d.
CVE-2022-35037 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6adb1e.
CVE-2022-35408 2022-09-22 HIGH 8.2 An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver…
CVE-2022-35036 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8.
CVE-2022-35035 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b559f.
CVE-2022-35034 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e7e3d.
CVE-2022-35031 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969.
CVE-2022-35030 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe954.
CVE-2022-35029 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6babea.
CVE-2022-35028 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbbb6.
CVE-2022-35027 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fe9a7.
CVE-2022-35026 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x4fbc0b.
CVE-2022-35025 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8.
CVE-2022-35023 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /lib/x86_64-linux-gnu/libc.so.6+0xbb384.
CVE-2022-35022 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae.
CVE-2022-35021 2022-09-22 MEDIUM 6.5 OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0x718693.
CVE-2022-21138 2025-05-27 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2022-0003 2025-05-27 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2022-30426 2022-09-23 HIGH 7.8 There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some…
CVE-2022-28977 2022-09-22 MEDIUM 6.1 HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17…
CVE-2021-41803 2022-09-23 HIGH 7.1 HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properly validate the node or segment names prior to…
CVE-2021-41136 2021-10-12 LOW 3.7 Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy…
CVE-2020-26272 2021-01-28 MEDIUM 5.4 The Electron framework lets users write cross-platform desktop applications using JavaScript, HTML and CSS. In versions of Electron IPC prior…
CVE-2024-1310 2024-04-15 MEDIUM 4.9 The WooCommerce WordPress plugin before 8.6 does not prevent users with at least the contributor role from leaking products they…
CVE-2024-29461 2024-04-12 MEDIUM 6.3 An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote attacker to cause a denial of service via the…
CVE-2023-40486 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2023-40482 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
CVE-2023-40483 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
CVE-2023-40484 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2023-40485 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2023-40487 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…
CVE-2023-40488 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…
CVE-2023-40489 2024-05-03 HIGH 7.8 Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…
CVE-2024-31268 2024-04-12 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser. This issue affects AppPresser: from n/a through 4.3.0.
CVE-2023-44856 2024-04-12 MEDIUM 6.1 Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via…
CVE-2025-4891 2025-05-18 MEDIUM 5.3 A vulnerability was found in code-projects Police Station Management System 1.0. It has been classified as critical. Affected is the…
CVE-2025-5108 2025-05-23 MEDIUM 6.3 A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated as critical. This issue affects the function Upload…
CVE-2025-5107 2025-05-23 MEDIUM 6.3 A vulnerability was found in Fujian Kelixun 1.0. It has been declared as critical. This vulnerability affects unknown code of…
CVE-2023-5907 2023-12-11 MEDIUM 6.5 The File Manager WordPress plugin before 6.3 does not restrict the file manager's root directory, allowing an administrator to set…
CVE-2023-49417 2023-12-11 CRITICAL 9.8 TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.
CVE-2023-48425 2023-12-11 CRITICAL 9.8 U-Boot vulnerability resulting in persistent Code Execution
CVE-2023-41117 2023-12-12 HIGH 8.8 An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before…
CVE-2023-42908 2023-12-12 HIGH 7.8 Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a…
CVE-2023-42884 2023-12-12 MEDIUM 5.5 This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2…
CVE-2023-36652 2023-12-12 MEDIUM 4.3 A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read…
CVE-2023-28465 2023-12-12 HIGH 7.5 The package-decompression feature in HL7 (Health Level 7) FHIR Core Libraries before 5.6.106 allows attackers to copy arbitrary files to…