Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2025-44651 2025-07-21 N/A 0.0 In TRENDnet TPL-430AP FW1.0, the USERLIMIT_GLOBAL option is set to 0 in the bftpd-related configuration file. This can cause DoS…
CVE-2025-44650 2025-07-21 N/A 0.0 In Netgear R7000 V1.3.1.64_10.1.36 and EAX80 V1.0.1.70_1.0.2, the USERLIMIT_GLOBAL option is set to 0 in the bftpd.conf configuration file. This…
CVE-2025-44647 2025-07-21 N/A 0.0 In TRENDnet TEW-WLC100P 2.03b03, the i_dont_care_about_security_and_use_aggressive_mode_psk option is enabled in the strongSwan configuration file, so that IKE Responders are allowed…
CVE-2025-54362 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54361 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54360 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54359 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54358 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54357 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54356 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54355 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-54354 2025-07-22 N/A 0.0 Rejected reason: Not used
CVE-2025-6235 2025-07-21 N/A 0.0 In ExtremeControl before 25.5.12, a cross-site scripting (XSS) vulnerability was discovered in a login interface of the affected application. The…
CVE-2025-46117 2025-07-21 HIGH 8.8 An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279,…
CVE-2025-46116 2025-07-21 HIGH 8.8 An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279,…
CVE-2025-7928 2025-07-21 HIGH 7.3 A vulnerability was found in code-projects Church Donation System 1.0 and classified as critical. This issue affects some unknown processing…
CVE-2025-7927 2025-07-21 MEDIUM 6.3 A vulnerability has been found in PHPGurukul Online Banquet Booking System 1.0 and classified as critical. This vulnerability affects unknown…
CVE-2025-46123 2025-07-21 N/A 0.0 An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279,…
CVE-2025-46122 2025-07-21 N/A 0.0 An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the authenticated diagnostics API endpoint `/admin/_cmdstat.jsp`…
CVE-2025-46121 2025-07-21 N/A 0.0 An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions `stamgr_cfg_adpt_addStaFavourite` and `stamgr_cfg_adpt_addStaIot` pass…
CVE-2025-46120 2025-07-21 N/A 0.0 An issue was discovered in CommScope Ruckus Unleashed prior to 200.14.6.1.203 and in Ruckus ZoneDirector, where a path-traversal flaw in…
CVE-2025-46119 2025-07-21 N/A 0.0 An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.12.304, where an authenticated request to the management endpoint `/admin/_cmdstat.jsp`…
CVE-2025-50151 2025-07-21 HIGH 8.8 File access paths in configuration files uploaded by users with administrator access are not validated. This issue affects Apache Jena…
CVE-2025-49656 2025-07-21 HIGH 7.5 Users with administrator access can create databases files outside the files area of the Fuseki server. This issue affects Apache…
CVE-2025-46118 2025-07-21 N/A 0.0 An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139 and in Ruckus ZoneDirector prior to 10.5.1.0.279,…
CVE-2025-43977 2025-07-21 N/A 0.0 The com.skt.prod.dialer application through 12.5.0 for Android enables any installed application (with no permissions) to place phone calls without user…
CVE-2025-43976 2025-07-21 N/A 0.0 The com.enflick.android.tn2ndLine application through 24.17.1.0 for Android enables any installed application (with no permissions) to place phone calls without user…
CVE-2025-7926 2025-07-21 LOW 3.5 A vulnerability, which was classified as problematic, was found in PHPGurukul Online Banquet Booking System 1.0. This affects an unknown…
CVE-2025-7624 2025-07-21 CRITICAL 9.8 An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can…
CVE-2025-7382 2025-07-21 HIGH 8.8 A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to adjacent attackers achieving…
CVE-2025-6704 2025-07-21 CRITICAL 9.8 An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2…
CVE-2025-4130 2025-07-21 HIGH 7.5 Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants Within an Executable.This issue affects PAVO…
CVE-2025-4129 2025-07-21 HIGH 7.5 Authorization Bypass Through User-Controlled Key vulnerability in PAVO Inc. PAVO Pay allows Exploitation of Trusted Identifiers.This issue affects PAVO Pay:…
CVE-2024-13974 2025-07-21 HIGH 8.1 A business logic vulnerability in the Up2Date component of Sophos Firewall older than version 21.0 MR1 (20.0.1) can lead to…
CVE-2024-13973 2025-07-21 MEDIUM 6.8 A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR1 (21.0.1) can potentially lead to…
CVE-2025-7925 2025-07-21 MEDIUM 4.3 A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Banquet Booking System 1.0. Affected by this…
CVE-2025-7924 2025-07-21 LOW 3.5 A vulnerability classified as problematic was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an…
CVE-2025-7911 2025-07-20 HIGH 8.8 A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file…
CVE-2025-7910 2025-07-20 HIGH 8.8 A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file…
CVE-2025-7909 2025-07-20 HIGH 8.8 A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the…
CVE-2025-7908 2025-07-20 HIGH 8.8 A vulnerability was found in D-Link DI-8100 1.0. It has been declared as critical. Affected by this vulnerability is the…
CVE-2025-7907 2025-07-20 MEDIUM 4.3 A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as problematic. Affected is an unknown…
CVE-2025-7898 2025-07-20 MEDIUM 4.7 A vulnerability was found in Codecanyon iDentSoft 2.0. It has been classified as critical. This affects an unknown part of…
CVE-2025-4040 2025-07-21 HIGH 7.1 Authorization Bypass Through User-Controlled Key vulnerability in Turpak Automatic Station Monitoring System allows Privilege Escalation.This issue affects Automatic Station Monitoring…
CVE-2025-41100 2025-07-21 N/A 0.0 Incorrect authentication vulnerability in ParkingDoor. Through this vulnerability it is possible to operate the device without the access being logged…
CVE-2025-30192 2025-07-21 HIGH 7.5 An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than…
CVE-2025-2301 2025-07-21 MEDIUM 4.4 Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam Registration allows Exploitation of Trusted Identifiers.This issue affects Online…
CVE-2025-5681 2025-07-21 MEDIUM 6.5 Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows Exploitation of Trusted Identifiers.This issue affects Eyotek: before 23.06.2025.
CVE-2025-41459 2025-07-21 HIGH 7.8 Insufficient protection against brute-force and runtime manipulation in the local authentication component in Two App Studio Journey 5.5.6 on iOS…
CVE-2025-41458 2025-07-21 MEDIUM 5.5 Unencrypted storage in the database in Two App Studio Journey v5.5.9 for iOS allows local attackers to extract sensitive data…
« Anterior Página 88 de 3418 Siguiente »