Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2022-40854 2022-09-23 CRITICAL 9.8 Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set
CVE-2022-40851 2022-09-23 CRITICAL 9.8 Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.
CVE-2022-35246 2022-09-23 MEDIUM 4.3 A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat
CVE-2022-32852 2022-09-23 HIGH 7.1 An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a…
CVE-2022-35092 2022-09-23 MEDIUM 5.5 SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c.
CVE-2022-35091 2022-09-23 MEDIUM 5.5 SWFTools commit 772e55a2 was discovered to contain a floating point exception (FPE) via DCTStream::readMCURow() at /xpdf/Stream.cc.ow()
CVE-2022-34348 2022-09-23 HIGH 7.1 IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.…
CVE-2022-32817 2022-09-23 MEDIUM 5.5 An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS…
CVE-2022-32816 2022-09-23 MEDIUM 6.5 The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and…
CVE-2022-32815 2022-09-23 HIGH 7.8 The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big…
CVE-2022-32797 2022-09-23 HIGH 7.1 This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8,…
CVE-2022-32796 2022-09-23 HIGH 7.8 A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.5. An app…
CVE-2022-32792 2022-09-23 HIGH 8.8 An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6,…
CVE-2022-32790 2022-09-23 HIGH 7.5 This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS…
CVE-2022-32789 2022-09-23 MEDIUM 5.5 A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5. An app may be…
CVE-2022-32787 2022-09-23 HIGH 8.8 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6,…
CVE-2022-32786 2022-09-23 MEDIUM 5.5 An issue in the handling of environment variables was addressed with improved validation. This issue is fixed in Security Update…
CVE-2022-32785 2022-09-23 MEDIUM 5.5 A null pointer dereference was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, Security…
CVE-2022-32783 2022-09-23 MEDIUM 5.5 A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An app may gain…
CVE-2022-22423 2022-09-23 MEDIUM 5.5 IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user…
CVE-2020-27252 2020-12-14 HIGH 8.8 Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which…
CVE-2020-25187 2020-12-14 HIGH 8.8 Medtronic MyCareLink Smart 25000 is  vulnerable when an authenticated attacker runs a debug command, which can be sent to the…
CVE-2020-25183 2020-12-14 HIGH 8.0 Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient…
CVE-2003-5004 2025-05-22 N/A 0.0 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All…
CVE-2025-25500 2025-03-18 HIGH 7.5 An issue in CosmWasm prior to v2.2.0 allows attackers to bypass capability restrictions in blockchains by exploiting a lack of…
CVE-2025-30113 2025-03-18 CRITICAL 9.8 An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials exist in the APK for…
CVE-2025-30114 2025-03-18 CRITICAL 9.1 An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The…
CVE-2025-30115 2025-03-18 CRITICAL 9.8 An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials Cannot Be Changed. It uses…
CVE-2025-30116 2025-03-18 HIGH 7.5 An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the…
CVE-2025-30117 2025-03-18 HIGH 7.3 An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Managing Settings and Obtaining Sensitive Data and…
CVE-2023-6270 2024-01-04 HIGH 7.0 A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates…
CVE-2025-45752 2025-05-21 HIGH 7.2 A vulnerability in SeedDMS 6.0.32 allows an attacker with admin privileges to execute arbitrary PHP code by exploiting the zip…
CVE-2025-27558 2025-05-21 CRITICAL 9.1 IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks using Wi-Fi Protected Access (WPA, WPA2, or…
CVE-2024-57529 2025-05-21 MEDIUM 6.1 Cross Site Scripting vulnerability in Jeppesen JetPlanner Pro v.1.6.2.20 allows a remote attacker to execute arbitrary code.
CVE-2024-23687 2024-01-19 CRITICAL 9.1 Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs,…
CVE-2023-50777 2023-12-13 MEDIUM 4.3 Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing…
CVE-2023-50768 2023-12-13 HIGH 8.8 A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an…
CVE-2023-47325 2023-12-13 MEDIUM 5.4 Silverpeas Core 6.3.1 administrative "Bin" feature is affected by broken access control. A user with low privileges is able to…
CVE-2023-47320 2023-12-13 HIGH 8.1 Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only…
CVE-2023-45864 2023-12-13 MEDIUM 4.0 A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended…
CVE-2023-35622 2023-12-12 HIGH 7.5 Windows DNS Spoofing Vulnerability
CVE-2022-40358 2022-09-23 MEDIUM 5.4 An issue was discovered in AjaXplorer 4.2.3, allows attackers to cause cross site scripting vulnerabilities via a crafted svg file…
CVE-2022-40105 2022-09-23 HIGH 7.5 Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause…
CVE-2022-40104 2022-09-23 HIGH 7.5 Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause…
CVE-2022-35251 2022-09-23 MEDIUM 5.4 A cross-site scripting vulnerability exists in Rocket.chat
CVE-2022-35721 2022-09-23 MEDIUM 5.4 IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2022-35250 2022-09-23 MEDIUM 4.3 A privilege escalation vulnerability exists in Rocket.chat
CVE-2022-35249 2022-09-23 MEDIUM 4.3 A information disclosure vulnerability exists in Rocket.Chat
CVE-2022-35099 2022-09-23 MEDIUM 5.5 SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc.
CVE-2022-35098 2022-09-23 MEDIUM 5.5 SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc.
« Anterior Página 383 de 3519 Siguiente »