Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-59671 2025-09-19 N/A 0.0 Rejected reason: Not used
CVE-2025-59670 2025-09-19 N/A 0.0 Rejected reason: Not used
CVE-2025-55912 2025-09-18 HIGH 7.3 An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photo_uploader.php to upload arbitrary files without any authentication, due to…
CVE-2025-57452 2025-09-18 MEDIUM 6.1 In realme BackupRestore app v15.1.12_2810c08_250314, improper URI scheme handling in com.coloros.pc.PcToolMainActivity allows local attackers to cause a crash and potential XSS via crafted ADB intents.
CVE-2025-55911 2025-09-18 MEDIUM 6.5 An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the file_downloader.php and the file parameter
CVE-2025-50255 2025-09-18 HIGH 7.8 Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffice SmartVista Suite 2.2.22 via crafted GET request.
CVE-2023-49565 2025-09-18 HIGH 8.4 The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins endpoint. Improper sanitization of the HTTP Headers X-FILENAME, X-PAGE, and X-FIELD allows for command injection.…
CVE-2023-49564 2025-09-18 HIGH 8.8 The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This…
CVE-2024-13151 2025-09-18 CRITICAL 10.0 Authorization Bypass Through User-Controlled SQL Primary Key, CWE - 89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Logo Software Diva…
CVE-2025-59410 2025-09-17 LOW 3.7 Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the code in the scheduler for downloading a tiny file is hard coded…
CVE-2025-36146 2025-09-18 MEDIUM 4.3 IBM Lakehouse (watsonx.data 2.2) could allow an authenticated user to obtain sensitive server component version information which could aid in further attacks against the system.
CVE-2025-36143 2025-09-18 MEDIUM 4.7 IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute arbitrary commands on the system due to improper validation of user supplied input.
CVE-2025-36139 2025-09-18 MEDIUM 5.5 IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2025-10675 2025-09-18 MEDIUM 4.3 A security flaw has been discovered in fuyang_lipengjun platform 1.0. This impacts the function AttributeController of the file /attribute/queryAll. Performing manipulation results in improper authorization. Remote exploitation of…
CVE-2025-10674 2025-09-18 MEDIUM 4.3 A vulnerability was identified in fuyang_lipengjun platform 1.0. This affects the function AttributeCategoryController of the file /attributecategory/queryAll. Such manipulation leads to improper authorization. The attack may be launched…
CVE-2023-53447 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fs_remount() syzbot reports a bug as below: general protection fault, probably…
CVE-2025-10616 2025-09-17 MEDIUM 6.3 A security flaw has been discovered in itsourcecode E-Commerce Website 1.0. Affected is an unknown function of the file /admin/users.php. The manipulation results in unrestricted upload. The attack…
CVE-2025-10615 2025-09-17 MEDIUM 6.3 A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be…
CVE-2023-53446 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcie_link_state->downstream is a pointer to the pci_dev…
CVE-2023-53445 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtr_recvmsg() Syzbot reported a bug as following: refcount_t: addition on 0;…
CVE-2023-53444 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range,…
CVE-2023-53443 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak In arizona_clk32k_enable(), we should use pm_runtime_resume_and_get() as pm_runtime_get_sync() will increase…
CVE-2023-53442 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously.…
CVE-2023-53441 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced…
CVE-2023-53440 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and…
CVE-2023-53439 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: skb_partial_csum_set() fix against transport header magic value skb->transport_header uses the special 0xFFFF value to mark if the…
CVE-2023-53438 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch (IF) units on current…
CVE-2023-53437 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Handle cameras with invalid descriptors If the source entity does not contain any pads, do not…
CVE-2023-53436 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name()…
CVE-2023-53435 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of cas_init_one() cas_saturn_firmware_init() allocates some memory using vmalloc().…
CVE-2023-53434 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_dsp_rproc: Add custom memory copy implementation for i.MX DSP Cores The IRAM is part of the HiFi…
CVE-2023-53433 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: add vlan_get_protocol_and_depth() helper Before blamed commit, pskb_may_pull() was used instead of skb_header_pointer() in __vlan_get_protocol() and friends. Few…
CVE-2023-53432 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: firewire: net: fix use after free in fwnet_finish_incoming_packet() The netif_rx() function frees the skb so we can't dereference…
CVE-2023-53431 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Don't attach if enclosure has no components An enclosure with no components can't usefully be operated…
CVE-2023-53430 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: dma: fix memory leak running mt76_dma_tx_cleanup Fix device unregister memory leak and alway cleanup all configured…
CVE-2023-53429 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: btrfs: don't check PageError in __extent_writepage __extent_writepage currenly sets PageError whenever any error happens, and the also checks…
CVE-2023-53428 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: powercap: arm_scmi: Remove recursion while parsing zones Powercap zones can be defined as arranged in a hierarchy of…
CVE-2023-53427 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery…
CVE-2023-53426 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: xsk: Fix xsk_diag use-after-free error during socket cleanup Fix a use-after-free error that is possible if the xsk_diag…
CVE-2023-53425 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This…
CVE-2023-53424 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix of_iomap memory leak Smatch reports: drivers/clk/mediatek/clk-mtk.c:583 mtk_clk_simple_probe() warn: 'base' from of_iomap() not released on lines:…
CVE-2023-53423 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: objtool: Fix memory leak in create_static_call_sections() strdup() allocates memory for key_name. We need to release the memory in…
CVE-2023-53422 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fw: fix memory leak in debugfs Fix a memory leak that occurs when reading the fw_info…
CVE-2023-53421 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq structure with the…
CVE-2023-53420 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ntfs: Fix panic about slab-out-of-bounds caused by ntfs_listxattr() Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds…
CVE-2023-53419 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access For kernels built with CONFIG_PREEMPT_RCU=y, the following scenario can result in a NULL-pointer…
CVE-2023-49367 2025-09-18 N/A 0.0 An issue in user interface in Kyocera Command Center RX EXOSYS M5521cdn allows remote to obtain sensitive information via inspecting sent packages by user.
CVE-2022-50419 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times device_add shall not be called multiple times as stated…
CVE-2022-50418 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register() mhi_alloc_controller() allocates a memory space for mhi_ctrl. When gets…
CVE-2022-50417 2025-09-18 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix GEM handle creation ref-counting panfrost_gem_create_with_handle() previously returned a BO but with the only reference being from…
« Anterior Página 813 de 4304 Siguiente »