CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2024-22667 | 2024-02-05 | HIGH | 7.8 | Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer… |
| CVE-2024-22902 | 2024-02-02 | CRITICAL | 9.8 | Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials. |
| CVE-2024-22901 | 2024-02-02 | CRITICAL | 9.8 | Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials. |
| CVE-2024-22239 | 2024-02-06 | MEDIUM | 5.3 | Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may… |
| CVE-2024-22237 | 2024-02-06 | HIGH | 7.8 | Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may… |
| CVE-2024-22107 | 2024-02-02 | HIGH | 7.2 | An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via… |
| CVE-2024-21485 | 2024-02-02 | MEDIUM | 6.5 | Versions of the package dash-core-components before 2.13.0; versions of the package dash-core-components before 2.0.0; versions of the package dash before… |
| CVE-2024-20904 | 2024-01-16 | MEDIUM | 5.0 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Supported versions that are affected… |
| CVE-2024-20813 | 2024-02-06 | HIGH | 8.4 | Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. |
| CVE-2024-20812 | 2024-02-06 | HIGH | 8.4 | Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. |
| CVE-2024-20007 | 2024-02-05 | HIGH | 7.5 | In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to… |
| CVE-2024-20001 | 2024-02-05 | MEDIUM | 6.7 | In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to… |
| CVE-2024-1110 | 2024-02-07 | MEDIUM | 5.3 | The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check… |
| CVE-2024-1284 | 2024-02-07 | CRITICAL | 9.8 | Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption… |
| CVE-2024-0797 | 2024-02-05 | MEDIUM | 4.3 | The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store plugin for WordPress is vulnerable to unauthorized access… |
| CVE-2024-0699 | 2024-02-05 | MEDIUM | 6.6 | The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to arbitrary file uploads due… |
| CVE-2024-0324 | 2024-02-05 | HIGH | 8.2 | The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable… |
| CVE-2023-6925 | 2024-02-05 | HIGH | 7.2 | The Unlimited Addons for WPBakery Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file… |
| CVE-2023-6635 | 2024-02-05 | HIGH | 7.2 | The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'import_styles'… |
| CVE-2023-7077 | 2024-02-05 | CRITICAL | 9.8 | Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705,… |
| CVE-2023-50292 | 2024-02-09 | HIGH | 7.5 | Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache… |
| CVE-2023-50291 | 2024-02-09 | HIGH | 7.5 | Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0.… |
| CVE-2023-5643 | 2024-02-05 | HIGH | 7.8 | Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th… |
| CVE-2023-50026 | 2024-02-09 | CRITICAL | 9.8 | SQL injection vulnerability in Presta Monster "Multi Accessories Pro" (hsmultiaccessoriespro) module for PrestaShop versions 5.1.1 and before, allows remote attackers… |
| CVE-2023-47354 | 2024-02-06 | HIGH | 7.8 | An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) Recovery v1.0.3 allows attackers to arbitrarily reset or power off… |
| CVE-2023-46045 | 2024-02-02 | HIGH | 7.8 | Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon… |
| CVE-2023-40266 | 2024-02-08 | CRITICAL | 9.8 | An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows path traversal. |
| CVE-2023-42282 | 2024-02-08 | CRITICAL | 9.8 | The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized… |
| CVE-2023-43183 | 2024-02-03 | HIGH | 8.8 | Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password… |
| CVE-2023-42871 | 2024-01-10 | HIGH | 7.8 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS… |
| CVE-2023-39683 | 2024-02-09 | MEDIUM | 6.1 | Cross Site Scripting (XSS) vulnerability in EasyEmail v.4.12.2 and before allows a local attacker to execute arbitrary code via the… |
| CVE-2023-40263 | 2024-02-08 | HIGH | 8.8 | An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows authenticated command injection… |
| CVE-2023-40265 | 2024-02-08 | HIGH | 8.8 | An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote… |
| CVE-2023-38995 | 2024-02-07 | CRITICAL | 9.8 | An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command. |
| CVE-2022-38670 | 2022-10-14 | HIGH | 7.8 | In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with… |
| CVE-2022-35040 | 2022-10-14 | MEDIUM | 6.5 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567. |
| CVE-2025-3139 | 2025-04-03 | MEDIUM | 5.3 | A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the… |
| CVE-2025-3172 | 2025-04-03 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue… |
| CVE-2025-3175 | 2025-04-03 | HIGH | 7.3 | A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue… |
| CVE-2025-3176 | 2025-04-03 | HIGH | 7.3 | A vulnerability was found in Project Worlds Online Lawyer Management System 1.0. It has been classified as critical. This affects… |
| CVE-2025-2299 | 2025-04-03 | MEDIUM | 6.1 | The LuckyWP Table of Contents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and… |
| CVE-2025-3198 | 2025-04-04 | LOW | 3.3 | A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function… |
| CVE-2025-2734 | 2025-03-25 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an… |
| CVE-2025-2735 | 2025-03-25 | HIGH | 7.3 | A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this… |
| CVE-2025-2736 | 2025-03-25 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue… |
| CVE-2024-10472 | 2025-03-25 | MEDIUM | 5.9 | The Stylish Price List WordPress plugin before 7.1.12 does not sanitise and escape some of its settings, which could allow… |
| CVE-2024-10554 | 2025-03-25 | LOW | 3.5 | The WordPress WP-Advanced-Search WordPress plugin before 3.3.9.3 does not sanitise and escape some of its settings, which could allow high… |
| CVE-2022-42080 | 2022-10-12 | HIGH | 7.5 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter. |
| CVE-2022-42079 | 2022-10-12 | HIGH | 7.5 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via the function formWifiBasicSet. |
| CVE-2022-42078 | 2022-10-12 | MEDIUM | 6.5 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. |