Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID	Publicado	Severidad	CVSS	Descripción
CVE-2025-54631	2025-08-06	MEDIUM	6.7	Vulnerability of insufficient data length verification in the partition module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54630	2025-08-06	MEDIUM	6.8	:Vulnerability of insufficient data length verification in the DFA module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54629	2025-08-06	MEDIUM	6.7	Race condition issue occurring in the physical page import process of the memory management module. Impact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2025-54628	2025-08-06	MEDIUM	5.3	Vulnerability of incomplete verification information in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54627	2025-08-06	HIGH	8.8	Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54626	2025-08-06	MEDIUM	4.4	Pointer dangling vulnerability in the cjwindow module. Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-54625	2025-08-06	MEDIUM	6.7	Race condition vulnerability in the kernel file system module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54624	2025-08-06	MEDIUM	5.7	Unexpected injection event vulnerability in the multimodalinput module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-8656	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8655	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR libSystemLib Command injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is…
CVE-2025-8654	2025-08-06	HIGH	8.8	Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not…
CVE-2025-8653	2025-08-06	HIGH	8.8	Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not…
CVE-2025-8652	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is…
CVE-2025-8651	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is…
CVE-2025-8650	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is…
CVE-2025-8649	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is…
CVE-2025-8648	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8647	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8646	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8645	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8644	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8643	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8642	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8641	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8640	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8639	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected Kenwood DMX958XR devices. Authentication is not required to exploit…
CVE-2025-8638	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8637	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8636	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8635	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8634	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8633	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8632	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8631	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8630	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8629	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-8628	2025-08-06	MEDIUM	6.8	Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required…
CVE-2025-7502	2025-08-06	MEDIUM	6.4	The WPBakery Page Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several shortcodes in all versions up to, and including, 8.5 due to…
CVE-2025-7036	2025-08-06	HIGH	7.5	The CleverReach® WP plugin for WordPress is vulnerable to time-based SQL Injection via the ‘title’ parameter in all versions up to, and including, 1.5.20 due to insufficient escaping…
CVE-2025-6986	2025-08-06	MEDIUM	6.5	The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to SQL Injection via the 'search' parameter in all versions up to, and…
CVE-2025-6690	2025-08-06	MEDIUM	6.4	The WP Tournament Registration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘field’ parameter in all versions up to, and including, 1.3.0 due to insufficient…
CVE-2025-6259	2025-08-06	MEDIUM	6.4	The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input…
CVE-2025-6256	2025-08-06	MEDIUM	6.4	The Flex Guten plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘thumbnailHoverEffect’ parameter in all versions up to, and including, 1.2.5 due to insufficient input…
CVE-2025-54623	2025-08-06	MEDIUM	6.3	Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54622	2025-08-06	HIGH	8.3	Binding authentication bypass vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54621	2025-08-06	MEDIUM	5.3	Iterator failure issue in the WantAgent module. Impact: Successful exploitation of this vulnerability may cause memory release failures.
CVE-2025-54620	2025-08-06	MEDIUM	5.5	Deserialization vulnerability of untrusted data in the ability module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-54619	2025-08-06	MEDIUM	5.3	Iterator failure issue in the multi-mode input module. Impact: Successful exploitation of this vulnerability may cause iterator failures and affect availability.
CVE-2025-54618	2025-08-06	MEDIUM	5.7	Permission control vulnerability in the distributed clipboard module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54617	2025-08-06	MEDIUM	6.8	Stack-based buffer overflow vulnerability in the dms_fwk module. Impact: Successful exploitation of this vulnerability can cause RCE.

« Anterior Página 940 de 4305 Siguiente »

Vulnerabilidades CVE

Vulnerabilidades CVE

Soluciones

Recursos

Legal y Soporte