Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2023-53319 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm Currently there is no synchronisation between finalize_pkvm() and kvm_arm_init() initcalls.…
CVE-2023-53318 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: recordmcount: Fix memory leaks in the uwrite function Common realloc mistake: 'file_append' nulled but not freed upon failure
CVE-2023-53317 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mb_find_extent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation,…
CVE-2023-53316 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks through the submodules to unregister and…
CVE-2023-53315 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an…
CVE-2023-53314 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fb_info.dev Do not assing the Linux device to struct fb_info.dev. The call…
CVE-2023-53313 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of max_corr_read_errors There is no input check when echo md/max_read_errors and overflow might occur.…
CVE-2023-53312 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: fix net_dev_start_xmit trace event vs skb_transport_offset() After blamed commit, we must be more careful about using skb_transport_offset(),…
CVE-2023-53311 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput During unmount process of nilfs2, nothing holds nilfs_root…
CVE-2023-53310 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: power: supply: axp288_fuel_gauge: Fix external_power_changed race fuel_gauge_external_power_changed() dereferences info->bat, which gets sets in axp288_fuel_gauge_probe() like this: info->bat =…
CVE-2023-53309 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix integer overflow in radeon_cs_parser_init The type of size is unsigned, if size is 0x40000000, there will…
CVE-2023-53308 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pm_runtime_get() failing in .remove() In the (unlikely) event that pm_runtime_get() (disguised as pm_runtime_resume_and_get()) fails,…
CVE-2023-53307 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails If getting an ID or setting up a work queue…
CVE-2023-53306 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: fsdax: force clear dirty mark if CoW XFS allows CoW on non-shared extents to combat fragmentation[1]. The old…
CVE-2023-53305 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2cap_le_command_rej.
CVE-2023-53304 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to…
CVE-2022-50352 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: hns: fix possible memory leak in hnae_ae_register() Inject fault while probing module, if device_register() fails, but the…
CVE-2022-50351 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return,…
CVE-2022-50350 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between login_work and the login thread In case a malicious initiator…
CVE-2022-50349 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() If device_register() returns error in tifm_7xx1_switch_media(), name of kobject which…
CVE-2022-50348 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix a memory leak in an error handling path If this memdup_user() call fails, the memory allocated…
CVE-2022-50347 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value,…
CVE-2022-50346 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ext4: init quota for 'old.inode' in 'ext4_rename' Syzbot found the following issue: ext4_parse_param: s_want_extra_isize=128 ext4_inode_info_init: s_want_extra_isize=32 ext4_rename: old.inode=ffff88823869a2c8…
CVE-2022-50345 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv3 READ Since before the git era, NFSD has conserved the…
CVE-2022-50344 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ext4: fix null-ptr-deref in ext4_write_info I caught a null-ptr-deref bug as follows: ================================================================== KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]…
CVE-2022-50343 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rio_add_device() fails Patch series "rapidio: fix three possible memory leaks". This patchset…
CVE-2022-50342 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object…
CVE-2022-50341 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system…
CVE-2022-50340 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fix wrong function called when vimc_init() fails In vimc_init(), when platform_driver_register(&vimc_pdrv) fails, platform_driver_unregister(&vimc_pdrv) is wrongly called…
CVE-2022-50339 2025-09-16 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev() syzbot is again reporting attempt to cancel uninitialized work at mgmt_index_removed() [1], for…
CVE-2025-58749 2025-09-16 N/A 0.0 WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when…
CVE-2025-30075 2025-09-16 LOW 2.2 In Alludo MindManager before 25.0.208 on Windows, attackers could potentially execute code as other local users on the same machine if they could write DLL files to directories…
CVE-2025-8894 2025-09-16 HIGH 7.8 A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash,…
CVE-2025-8893 2025-09-16 HIGH 7.8 A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash,…
CVE-2025-59333 2025-09-16 HIGH 8.1 The mcp-database-server (MCP Server) 1.1.0 and earlier, as distributed via the npm package @executeautomation/database-server, fails to implement adequate security controls to properly enforce a "read-only" mode. This vulnerability…
CVE-2025-59270 2025-09-16 LOW 3.1 psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication process. An unauthenticated attacker in a 'Man-in-the-Middle' position could manipulate the…
CVE-2025-57145 2025-09-16 MEDIUM 5.4 A cross-site scripting (XSS) vulnerability exists in the search-autootaxi.php endpoint of the ATSMS web application. The application fails to properly sanitize user input submitted through a form field,…
CVE-2025-56295 2025-09-16 HIGH 7.3 code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web…
CVE-2025-56293 2025-09-16 MEDIUM 5.4 code-projects Human Resource Integrated System 1.0 is vulnerable to Cross Site Scripting (XSS) in the Add Child Information section in the Childs Name field.
CVE-2025-56289 2025-09-16 MEDIUM 5.4 code-projects Document Management System 1.0 has a Cross Site Scripting (XSS) vulnerability, where attackers can leak admin's cookie information by entering malicious XSS code in the Company field…
CVE-2025-56280 2025-09-16 MEDIUM 5.4 code-projects Food Ordering Review System 1.0 is vulnerable to Cross Site Scripting (XSS) in the area where users submit reservation information.
CVE-2025-4953 2025-09-16 HIGH 7.4 A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead…
CVE-2025-41243 2025-09-16 CRITICAL 10.0 Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: * The application…
CVE-2025-36244 2025-09-16 HIGH 7.4 IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system…
CVE-2024-13174 2025-09-16 HIGH 8.6 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E1 Informatics Web Application allows SQL Injection.This issue affects Web Application: through 20250916.  NOTE:…
CVE-2024-13149 2025-09-16 CRITICAL 9.8 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arma Store…
CVE-2009-20007 2025-09-16 N/A 0.0 Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by…
CVE-2009-20006 2025-09-16 N/A 0.0 osCommerce versions up to and including 2.2 RC2a contain a vulnerability in its administrative file manager utility (admin/file_manager.php). The interface allows file uploads and edits without sufficient input…
CVE-2009-20005 2025-09-16 N/A 0.0 A stack-based buffer overflow exists in the UtilConfigHome.csp endpoint of InterSystems Caché 2009.1. The vulnerability is triggered by sending a specially crafted HTTP GET request containing an oversized…
CVE-2025-56697 2025-09-16 MEDIUM 6.1 A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the /users/adminpanel/admin/home.php?page=feedbacks file of Kashipara Computer Base Test v1.0. Attackers can inject malicious scripts via the smyFeedbacks POST parameter…
« Anterior Página 822 de 4304 Siguiente »