CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2022-42070 2022-10-14 HIGH 8.8 Online Birth Certificate Management System version 1.0 is vulnerable to Cross Site Request Forgery (CSRF).
CVE-2022-42069 2022-10-14 MEDIUM 5.4 Online Birth Certificate Management System version 1.0 suffers from a persistent Cross Site Scripting (XSS) vulnerability.
CVE-2022-42066 2022-10-14 MEDIUM 6.1 Online Examination System version 1.0 suffers from a cross site scripting vulnerability via index.php.
CVE-2022-42064 2022-10-14 CRITICAL 9.8 Online Diagnostic Lab Management System version 1.0 remote exploit that bypasses login with SQL injection and then uploads a shell.
CVE-2022-41598 2022-10-14 LOW 3.4 The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of…
CVE-2022-41589 2022-10-14 HIGH 7.5 The DFX unwind stack module of the ArkCompiler has a vulnerability in interface calling. Successful exploitation of this vulnerability affects system…
CVE-2022-41536 2022-10-14 HIGH 7.2 Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/manage_user.php.
CVE-2022-41538 2022-10-14 HIGH 8.8 Wedding Planner v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /Wedding-Management-PHP/admin/photos_add.php. This vulnerability allows attackers…
CVE-2022-41436 2022-10-14 CRITICAL 9.1 An issue in OXHOO TP50 OXH1.50 allows unauthenticated attackers to access the administrative panel via browsing to the URL http://device_ip/index1.html.
CVE-2022-41416 2022-10-14 HIGH 7.2 Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at…
CVE-2022-41477 2022-10-14 CRITICAL 9.1 A security issue was discovered in WeBid
CVE-2022-41308 2022-10-14 HIGH 7.8 A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation.…
CVE-2022-41535 2022-10-14 HIGH 7.2 Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/manage_borrower.php.
CVE-2022-3149 2022-10-17 MEDIUM 6.1 The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when creating and editing cursors,…
CVE-2022-41307 2022-10-14 HIGH 7.8 A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation.…
CVE-2022-41306 2022-10-14 HIGH 7.8 A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation.…
CVE-2022-41304 2022-10-14 HIGH 7.8 An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted…
CVE-2022-41303 2022-10-14 HIGH 7.8 A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX…
CVE-2022-41302 2022-10-14 HIGH 7.8 An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure…
CVE-2022-3139 2022-10-17 MEDIUM 4.8 The We’re Open! WordPress plugin before 1.42 does not sanitise and escape some of its settings, which could allow high…
CVE-2022-3131 2022-10-17 HIGH 7.2 The Search Logger WordPress plugin through 0.9 does not properly sanitise and escape a parameter before using it in a…
CVE-2022-3126 2022-10-17 MEDIUM 4.3 The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow…
CVE-2022-39128 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2022-39127 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2022-39126 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2022-39125 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2022-39124 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2022-39123 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2022-39122 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2025-2062 2025-03-07 HIGH 7.3 A vulnerability classified as critical has been found in projectworlds Life Insurance Management System 1.0. Affected is an unknown function…
CVE-2022-33217 2022-10-19 HIGH 7.8 Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starting communication with a…
CVE-2022-39121 2022-10-14 MEDIUM 5.5 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead…
CVE-2022-32177 2022-10-14 CRITICAL 9.0 In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through…
CVE-2025-2063 2025-03-07 HIGH 7.3 A vulnerability classified as critical was found in projectworlds Life Insurance Management System 1.0. Affected by this vulnerability is an…
CVE-2025-2064 2025-03-07 HIGH 7.3 A vulnerability, which was classified as critical, has been found in projectworlds Life Insurance Management System 1.0. Affected by this…
CVE-2025-2065 2025-03-07 HIGH 7.3 A vulnerability, which was classified as critical, was found in projectworlds Life Insurance Management System 1.0. This affects an unknown…
CVE-2025-2066 2025-03-07 HIGH 7.3 A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown…
CVE-2025-2067 2025-03-07 HIGH 7.3 A vulnerability was found in projectworlds Life Insurance Management System 1.0 and classified as critical. This issue affects some unknown…
CVE-2024-9638 2025-01-07 MEDIUM 4.8 The Category Posts Widget WordPress plugin before 4.9.18 does not sanitise and escape some of its settings, which could allow…
CVE-2024-48245 2025-01-07 HIGH 7.2 Vehicle Management System 1.0 is vulnerable to SQL Injection. A guest user can exploit vulnerable POST parameters in various administrative…
CVE-2024-7277 2024-07-31 MEDIUM 4.7 A vulnerability was found in itsourcecode Alton Management System 1.0 and classified as critical. Affected by this issue is some…
CVE-2024-7276 2024-07-30 MEDIUM 4.7 A vulnerability has been found in itsourcecode Alton Management System 1.0 and classified as critical. Affected by this vulnerability is…
CVE-2024-7278 2024-07-31 MEDIUM 4.7 A vulnerability was found in itsourcecode Alton Management System 1.0. It has been classified as critical. This affects an unknown…
CVE-2024-45985 2024-09-26 MEDIUM 4.7 A Cross Site Scripting (XSS) vulnerability in update_contact.php of Blood Bank and Donation Management System v1.0 allows an attacker to…
CVE-2024-45984 2024-09-26 MEDIUM 4.7 A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management System 1.0 allows an attacker to…
CVE-2024-10151 2025-01-08 MEDIUM 5.4 The Auto iFrame WordPress plugin before 2.0 does not validate and escape some of its shortcode attributes before outputting them…
CVE-2024-12585 2025-01-08 MEDIUM 6.1 The Property Hive WordPress plugin before 2.1.1 does not sanitise and escape a parameter before outputting it back in the…
CVE-2024-44587 2024-09-05 HIGH 8.8 itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via the "menu" parameter.
CVE-2024-37871 2024-07-09 HIGH 8.2 SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers…
CVE-2024-10815 2025-01-09 MEDIUM 4.2 The PostLists WordPress plugin through 2.0.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which…