Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-39961 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: iommu/amd/pgtbl: Fix possible race while increase page table level The AMD IOMMU host page table implementation supports dynamic…
CVE-2025-39960 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: initialize acpi_gpio_info struct Since commit 7c010d463372 ("gpiolib: acpi: Make sure we fill struct acpi_gpio_info"), uninitialized acpi_gpio_info…
CVE-2025-10240 2025-10-09 HIGH 8.8 A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger…
CVE-2025-10239 2025-10-09 HIGH 7.2 In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended…
CVE-2025-9371 2025-10-09 MEDIUM 6.4 The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘page_title’ parameter in all versions up to, and including, 28.1.6 due to insufficient input sanitization…
CVE-2025-2934 2025-10-09 MEDIUM 4.3 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have…
CVE-2025-11340 2025-10-09 HIGH 7.7 GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to 18.4.2 that, under certain conditions, could have allowed authenticated users with…
CVE-2025-10249 2025-10-09 MEDIUM 6.5 The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up…
CVE-2025-10004 2025-10-09 HIGH 7.5 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.12 to 18.2.8, 18.3 to 18.3.4, and 18.4 to 18.4.2 that could make the GitLab instance…
CVE-2025-39959 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix incorrect retrival of acp_chip_info Use dev_get_drvdata(dev->parent) instead of dev_get_platdata(dev) to correctly obtain acp_chip_info members…
CVE-2025-39958 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise…
CVE-2025-39957 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G Currently the S1G capability element is not taken into account for the…
CVE-2025-39956 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igc_probe() on LED setup error When igc_led_setup() fails, igc_probe() fails and triggers kernel panic in…
CVE-2025-39955 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED…
CVE-2025-39954 2025-10-09 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset…
CVE-2025-10862 2025-10-09 HIGH 7.5 The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3.…
CVE-2025-11539 2025-10-09 CRITICAL 9.9 Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of…
CVE-2025-11522 2025-10-09 CRITICAL 9.8 The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This…
CVE-2025-7634 2025-10-09 CRITICAL 9.8 The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including,…
CVE-2025-7526 2025-10-09 CRITICAL 9.8 The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path…
CVE-2025-6038 2025-10-09 HIGH 8.8 The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up…
CVE-2025-47355 2025-10-09 HIGH 7.8 Memory corruption while invoking remote procedure IOCTL calls.
CVE-2025-47354 2025-10-09 HIGH 7.8 Memory corruption while allocating buffers in DSP service.
CVE-2025-47351 2025-10-09 HIGH 7.8 Memory corruption while processing user buffers.
CVE-2025-47349 2025-10-09 HIGH 7.8 Memory corruption while processing an escape call.
CVE-2025-47347 2025-10-09 HIGH 7.8 Memory corruption while processing control commands in the virtual memory management interface.
CVE-2025-47342 2025-10-09 HIGH 7.1 Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
CVE-2025-47341 2025-10-09 HIGH 7.8 memory corruption while processing an image encoding completion event.
CVE-2025-47340 2025-10-09 HIGH 7.8 Memory corruption while processing IOCTL call to get the mapping.
CVE-2025-47338 2025-10-09 HIGH 7.8 Memory corruption while processing escape commands from userspace.
CVE-2025-27060 2025-10-09 HIGH 8.8 Memory corruption while performing SCM call with malformed inputs.
CVE-2025-27059 2025-10-09 HIGH 8.8 Memory corruption while performing SCM call.
CVE-2025-27054 2025-10-09 HIGH 7.8 Memory corruption while processing a malformed license file during reboot.
CVE-2025-27053 2025-10-09 HIGH 7.8 Memory corruption during PlayReady APP usecase while processing TA commands.
CVE-2025-27049 2025-10-09 MEDIUM 5.5 Transient DOS while processing IOCTL call for image encoding.
CVE-2025-27048 2025-10-09 HIGH 7.8 Memory corruption while processing camera platform driver IOCTL calls.
CVE-2025-27045 2025-10-09 MEDIUM 6.1 Information disclosure while processing batch command execution in Video driver.
CVE-2025-27041 2025-10-09 MEDIUM 5.5 Transient DOS while processing video packets received from video firmware.
CVE-2025-27040 2025-10-09 MEDIUM 6.5 Information disclosure may occur while processing the hypervisor log.
CVE-2025-27039 2025-10-09 MEDIUM 6.6 Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.
CVE-2025-11529 2025-10-09 HIGH 7.3 A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results…
CVE-2025-11166 2025-10-09 MEDIUM 5.4 The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to, and including, 9.0.46. This is…
CVE-2025-10586 2025-10-09 CRITICAL 9.8 The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’ parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on…
CVE-2025-10496 2025-10-09 HIGH 7.2 The Cookie Notice & Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uuid parameter in all versions up to, and including, 1.6.5 due to…
CVE-2025-11516 2025-10-09 MEDIUM 6.3 A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can lead…
CVE-2025-11515 2025-10-09 MEDIUM 6.3 A security flaw has been discovered in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/users/register-complaint.php. Performing manipulation of the argument cid…
CVE-2025-11514 2025-10-09 MEDIUM 6.3 A vulnerability was identified in code-projects Online Complaint Site 1.0. This vulnerability affects unknown code of the file /cms/users/index.php. Such manipulation of the argument Username leads to sql…
CVE-2025-11513 2025-10-09 HIGH 7.3 A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplier_update.php. This manipulation of the argument supp_id causes sql injection. The…
CVE-2025-11512 2025-10-09 MEDIUM 4.3 A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/voters_add.php. The manipulation of the argument Firstname/Lastname/Platform results…
CVE-2025-61913 2025-10-08 CRITICAL 9.9 Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not…
« Anterior Página 758 de 4304 Siguiente »