Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2025-54845 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-54844 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-54843 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-54842 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-54841 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-54840 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-54839 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-54657 2025-08-01 N/A 0.0 Rejected reason: Not used
CVE-2025-53399 2025-08-01 N/A 0.0 In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to…
CVE-2019-19145 2025-08-01 MEDIUM 5.8 Quantum SuperLoader 3 V94.0 005E.0h devices allow attackers to access the hardcoded fa account because there are only 65536 possible…
CVE-2025-5954 2025-08-01 CRITICAL 9.8 The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up…
CVE-2025-8431 2025-08-01 HIGH 7.3 A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code…
CVE-2023-32251 2025-07-31 LOW 3.7 A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent…
CVE-2025-48073 2025-07-31 N/A 0.0 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2025-48072 2025-07-31 N/A 0.0 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2025-50866 2025-07-31 MEDIUM 6.1 CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows…
CVE-2025-48071 2025-07-31 N/A 0.0 OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2025-45768 2025-07-31 HIGH 7.0 pyjwt v2.10.1 was discovered to contain weak encryption.
CVE-2025-23289 2025-07-31 MEDIUM 5.5 NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive…
CVE-2025-45770 2025-07-31 HIGH 7.0 jwt v5.4.3 was discovered to contain weak encryption.
CVE-2025-45769 2025-07-31 HIGH 7.3 php-jwt v6.11.0 was discovered to contain weak encryption.
CVE-2025-8286 2025-07-31 CRITICAL 9.8 Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware…
CVE-2025-50867 2025-07-31 MEDIUM 6.5 A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly…
CVE-2025-50850 2025-07-31 HIGH 8.6 An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA…
CVE-2025-51569 2025-07-31 MEDIUM 6.1 A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint fails to sanitize…
CVE-2025-50572 2025-07-31 HIGH 8.8 An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to execute arbitrary code via crafted system inputs…
CVE-2025-50848 2025-07-31 MEDIUM 6.1 A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS Cart 4.18.3 allows…
CVE-2025-50847 2025-07-31 MEDIUM 6.5 Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list…
CVE-2025-50270 2025-07-31 MEDIUM 6.1 A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to…
CVE-2025-37112 2025-07-31 MEDIUM 6.0 A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function…
CVE-2025-37111 2025-07-31 MEDIUM 6.0 A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function…
CVE-2025-37110 2025-07-31 MEDIUM 6.0 A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network…
CVE-2025-37109 2025-07-31 LOW 3.5 Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
CVE-2025-37108 2025-07-31 LOW 3.5 Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
CVE-2025-29557 2025-07-31 MEDIUM 5.4 ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level…
CVE-2025-26064 2025-07-31 HIGH 7.3 A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or…
CVE-2025-26063 2025-07-31 CRITICAL 9.8 An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted…
CVE-2025-26062 2025-07-31 CRITICAL 9.8 An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file…
CVE-2025-29556 2025-07-31 HIGH 7.3 ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with…
CVE-2024-34328 2025-07-31 MEDIUM 6.3 An open redirect in Sielox AnyWare v2.1.2 allows attackers to execute a man-in-the-middle attack via a crafted URL.
CVE-2024-34327 2025-07-31 MEDIUM 6.5 Sielox AnyWare v2.1.2 was discovered to contain a SQL injection vulnerability via the email address field of the password reset…
CVE-2025-51503 2025-07-31 HIGH 7.6 A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields,…
CVE-2025-51385 2025-07-31 LOW 3.5 D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter.
CVE-2025-51384 2025-07-31 LOW 3.5 D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
CVE-2025-51383 2025-07-31 LOW 3.5 D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.
CVE-2025-8426 2025-07-31 CRITICAL 9.4 Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability. This vulnerability allows remote attackers to disclose sensitive information or…
CVE-2025-54834 2025-07-31 MEDIUM 5.3 OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check…
CVE-2025-54833 2025-07-31 MEDIUM 5.3 OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can…
CVE-2025-54832 2025-07-31 MEDIUM 4.3 OPEXUS FOIAXpress Public Access Link (PAL), version v11.1.0, allows an authenticated user to add entries to the list of states…
CVE-2025-8409 2025-07-31 HIGH 7.3 A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. Affected by this vulnerability is an…
« Anterior Página 4 de 3360 Siguiente »