Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-49956 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anandaraj Balu Fade Slider fade-slider allows Reflected XSS.This issue affects Fade Slider: from n/a through
CVE-2025-49955 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rajan Vijayan WP Smart Flexslider wp-smart-flexslider allows Reflected XSS.This issue affects WP Smart Flexslider: from n/a…
CVE-2025-49954 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mithra62 WP-Click-Tracker wp-click-track allows Reflected XSS.This issue affects WP-Click-Tracker: from n/a through
CVE-2025-49953 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeinity ShareBang, Ultimate Social Share Buttons for WordPress sharebang allows Reflected XSS.This issue affects ShareBang, Ultimate…
CVE-2025-49952 2025-10-22 N/A 0.0 Authorization Bypass Through User-Controlled Key vulnerability in favethemes Houzez houzez allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Houzez: from n/a through
CVE-2025-49951 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpcrunch gAppointments gAppointments allows Reflected XSS.This issue affects gAppointments: from n/a through
CVE-2025-49950 2025-10-22 N/A 0.0 Missing Authorization vulnerability in billingo Official Integration for Billingo billingo allows Privilege Escalation.This issue affects Official Integration for Billingo: from n/a through
CVE-2025-49949 2025-10-22 N/A 0.0 Missing Authorization vulnerability in templazee Templazee templazee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templazee: from n/a through
CVE-2025-49948 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ahmad Awais WP Super Edit wp-super-edit allows Reflected XSS.This issue affects WP Super Edit: from n/a…
CVE-2025-49947 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendons WooCommerce Registration Fields Plugin - Custom Signup Fields extendons-registration-fields allows Reflected XSS.This issue affects WooCommerce…
CVE-2025-49946 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cynob IT Consultancy Auto Login After Registration auto-login-after-registration allows Reflected XSS.This issue affects Auto Login After…
CVE-2025-49945 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kylegetson Shortcode Generator shortcode-generator allows Reflected XSS.This issue affects Shortcode Generator: from n/a through
CVE-2025-49944 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jonatan Jumbert WPCode Content Ratio wpcode-content-ratio allows Reflected XSS.This issue affects WPCode Content Ratio: from n/a…
CVE-2025-49940 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows DOM-Based XSS.This issue affects Fusion Builder: from n/a through
CVE-2025-49939 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrocoBlock JetElements For Elementor jet-elements allows Stored XSS.This issue affects JetElements For Elementor: from n/a through
CVE-2025-49938 2025-10-22 N/A 0.0 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrocoBlock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through
CVE-2025-61756 2025-10-21 HIGH 7.5 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: System Configuration). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5.…
CVE-2025-53048 2025-10-21 MEDIUM 5.4 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Rich Text Editor). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows…
CVE-2025-61761 2025-10-21 MEDIUM 5.4 Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows…
CVE-2025-53047 2025-10-21 MEDIUM 5.8 Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Easily exploitable vulnerability allows unauthenticated attacker with network…
CVE-2025-53046 2025-10-21 MEDIUM 4.9 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Analytics). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged…
CVE-2025-53045 2025-10-21 MEDIUM 4.9 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker…
CVE-2025-53044 2025-10-21 MEDIUM 4.9 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker…
CVE-2025-53043 2025-10-21 HIGH 8.1 Vulnerability in the Oracle Product Hub product of Oracle E-Business Suite (component: Item Catalog). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker…
CVE-2025-53042 2025-10-21 MEDIUM 4.9 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged…
CVE-2025-52079 2025-10-21 HIGH 8.8 The administrator password setting of the D-Link DIR-820L 1.06B02 is has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp.
CVE-2025-62478 2025-10-21 MEDIUM 4.9 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Object Store). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high…
CVE-2025-62477 2025-10-21 MEDIUM 4.9 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Remote Replication). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high…
CVE-2025-62476 2025-10-21 MEDIUM 4.9 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Remote Replication). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high…
CVE-2025-62475 2025-10-21 MEDIUM 4.9 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged…
CVE-2025-62290 2025-10-21 HIGH 7.2 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Block Storage). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high…
CVE-2025-61885 2025-10-21 MEDIUM 4.3 Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications (component: Web Server). The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows…
CVE-2025-61881 2025-10-21 MEDIUM 5.9 Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.28, 21.3-21.19 and 23.4-23.9. Difficult to exploit vulnerability allows unauthenticated attacker with…
CVE-2025-61764 2025-10-21 MEDIUM 5.3 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2025-61763 2025-10-21 HIGH 8.1 Vulnerability in Oracle Essbase (component: Essbase Web Platform). The supported version that is affected is 21.7.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP…
CVE-2025-61762 2025-10-21 MEDIUM 6.3 Vulnerability in the PeopleSoft Enterprise FIN Payables product of Oracle PeopleSoft (component: Payables). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker…
CVE-2025-61757 2025-10-21 CRITICAL 9.8 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker…
CVE-2025-60790 2025-10-21 MEDIUM 6.5 ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial…
CVE-2025-60427 2025-10-21 MEDIUM 6.5 LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct…
CVE-2025-53062 2025-10-21 MEDIUM 4.9 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker…
CVE-2025-53061 2025-10-21 MEDIUM 5.5 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows…
CVE-2025-53060 2025-10-21 MEDIUM 6.1 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.4. Easily exploitable vulnerability allows unauthenticated…
CVE-2025-53059 2025-10-21 MEDIUM 4.9 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: OpenSearch Dashboards). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows high…
CVE-2025-53058 2025-10-21 MEDIUM 6.1 Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Application Logging Interfaces). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker…
CVE-2025-53057 2025-10-21 MEDIUM 5.9 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle…
CVE-2025-53041 2025-10-21 MEDIUM 6.1 Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.2.5-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network…
CVE-2025-53040 2025-10-21 MEDIUM 4.9 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged…
CVE-2025-53037 2025-10-21 CRITICAL 9.8 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily…
CVE-2025-53036 2025-10-21 HIGH 8.6 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily…
CVE-2025-53035 2025-10-21 MEDIUM 6.5 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily…
« Anterior Página 727 de 4304 Siguiente »