Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-8346 2025-07-31 MEDIUM 4.3 A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /educar_aluno_lst.php. The manipulation…
CVE-2025-8345 2025-07-31 MEDIUM 6.3 A vulnerability classified as critical was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this vulnerability is the function delete_user of the file…
CVE-2025-8344 2025-07-31 MEDIUM 6.3 A vulnerability classified as critical has been found in openviglet shio up to 0.3.8. Affected is the function shStaticFileUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation of the argument…
CVE-2025-8343 2025-07-31 MEDIUM 4.3 A vulnerability was found in openviglet shio up to 0.3.8. It has been rated as critical. This issue affects the function shStaticFilePreUpload of the file shio-app/src/main/java/com/viglet/shio/api/staticfile/ShStaticFileAPI.java. The manipulation…
CVE-2025-8340 2025-07-31 MEDIUM 4.3 A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file fill_details.php of the…
CVE-2025-8339 2025-07-31 HIGH 7.3 A vulnerability was found in code-projects Intern Membership Management System 1.0. It has been classified as critical. This affects an unknown part of the file /student_login.php. The manipulation…
CVE-2025-8338 2025-07-31 HIGH 7.3 A vulnerability was found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /adminac.php. The manipulation…
CVE-2025-54085 2025-07-31 N/A 0.0 CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned…
CVE-2025-49084 2025-07-31 N/A 0.0 CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access can overwrite policy rules without the requisite permissions.…
CVE-2025-49083 2025-07-31 N/A 0.0 CVE-2025-49083 is a vulnerability in the management console of Absolute Secure Access after version 12.00 and prior to version 13.56. Attackers with administrative access to the console can…
CVE-2025-49082 2025-07-31 N/A 0.0 CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with administrative access to the console and who have been assigned…
CVE-2025-36040 2025-07-31 MEDIUM 6.5 IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms.
CVE-2025-36039 2025-07-31 MEDIUM 6.5 IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform unauthorized actions due to client-side enforcement of sever side security mechanisms,
CVE-2025-8337 2025-07-30 LOW 2.4 A vulnerability, which was classified as problematic, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/add_vehicles.php. The…
CVE-2025-8336 2025-07-30 HIGH 7.3 A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_user. The manipulation of the argument…
CVE-2025-8335 2025-07-30 MEDIUM 4.3 A vulnerability classified as problematic has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It…
CVE-2025-8334 2025-07-30 HIGH 7.3 A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file…
CVE-2025-54586 2025-07-30 HIGH 7.1 GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to…
CVE-2025-8333 2025-07-30 HIGH 7.3 A vulnerability was found in code-projects Online Farm System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /categoryvalue.php.…
CVE-2025-8332 2025-07-30 HIGH 7.3 A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /register.php. The manipulation of…
CVE-2025-54585 2025-07-30 N/A 0.0 GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can exploit the way GitProxy handles new branch creation…
CVE-2025-8331 2025-07-30 HIGH 7.3 A vulnerability was found in code-projects Online Farm System 1.0 and classified as critical. This issue affects some unknown processing of the file /forgot_pass.php. The manipulation of the…
CVE-2025-8330 2025-07-30 HIGH 7.3 A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit1.php. The manipulation of the argument…
CVE-2025-54584 2025-07-30 N/A 0.0 GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). In versions 1.19.1 and below, an attacker can craft a malicious Git packfile…
CVE-2025-54583 2025-07-30 N/A 0.0 GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). Versions 1.19.1 and below allow users to push to remote repositories while bypassing…
CVE-2025-54581 2025-07-30 HIGH 7.5 vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into…
CVE-2025-54576 2025-07-30 CRITICAL 9.1 OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In…
CVE-2025-54575 2025-07-30 MEDIUM 5.3 ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block (with a missing…
CVE-2025-53022 2025-07-30 HIGH 8.6 TrustedFirmware-M (aka Trusted Firmware for M profile Arm CPUs) before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the…
CVE-2025-52187 2025-07-30 HIGH 8.2 GetProjectsIdea Create School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in my_profile_update_form1.php.
CVE-2025-51954 2025-07-30 MEDIUM 6.1 playground.electronhub.ai v1.1.9 was discovered to contain a cross-site scripting (XSS) vulnerability.
CVE-2024-48916 2025-07-30 HIGH 8.1 Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible to send an JWT that has "none" as JWT alg.…
CVE-2025-8329 2025-07-30 HIGH 7.3 A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. This affects an unknown part of the file /filter3.php. The manipulation of the argument…
CVE-2025-51951 2025-07-30 MEDIUM 6.1 andisearch v0.5.249 was discovered to contain a cross-site scripting (XSS) vulnerability.
CVE-2025-50777 2025-07-30 HIGH 7.8 The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02) contains an Incorrect Access Control vulnerability that allows local attackers to gain…
CVE-2025-50464 2025-07-30 MEDIUM 6.5 A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to…
CVE-2025-36609 2025-07-30 LOW 2.5 Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading…
CVE-2025-36608 2025-07-30 MEDIUM 6.5 Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit…
CVE-2025-30103 2025-07-30 MEDIUM 5.5 Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit…
CVE-2025-54829 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2025-54828 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2025-54827 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2025-54826 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2025-54825 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2025-54824 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2025-54823 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2023-41674 2025-07-31 N/A 0.0 Rejected reason: Not used
CVE-2025-7356 2025-07-30 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-11478 2025-07-30 N/A 0.0 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-54582 2025-07-30 N/A 0.0 Rejected reason: Reason: This candidate was issued in error. Valid Netty requests are issued via https://github.com/netty/netty.
« Anterior Página 952 de 4306 Siguiente »