CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2025-53876 2025-07-12 N/A 0.0 Rejected reason: Not used
CVE-2025-53875 2025-07-12 N/A 0.0 Rejected reason: Not used
CVE-2025-53874 2025-07-12 N/A 0.0 Rejected reason: Not used
CVE-2025-53873 2025-07-12 N/A 0.0 Rejected reason: Not used
CVE-2025-53872 2025-07-12 N/A 0.0 Rejected reason: Not used
CVE-2025-53871 2025-07-12 N/A 0.0 Rejected reason: Not used
CVE-2025-5199 2025-07-12 HIGH 7.3 In Canonical Multipass up to and including version 1.15.1 on macOS, incorrect default permissions allow a local attacker to escalate privileges by modifying files executed with administrative privileges…
CVE-2025-7460 2025-07-11 HIGH 8.8 A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component…
CVE-2025-53636 2025-07-11 MEDIUM 5.4 Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very…
CVE-2025-7459 2025-07-11 HIGH 7.3 A vulnerability classified as critical was found in code-projects Mobile Shop 1.0. This vulnerability affects unknown code of the file /EditMobile.php. The manipulation of the argument ID leads…
CVE-2025-7457 2025-07-11 HIGH 7.3 A vulnerability, which was classified as critical, was found in Campcodes Online Movie Theater Seat Reservation System 1.0. This affects an unknown part of the file /admin/manage_movie.php. The…
CVE-2025-7456 2025-07-11 HIGH 7.3 A vulnerability, which was classified as critical, has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected by this issue is some unknown functionality of…
CVE-2025-7455 2025-07-11 HIGH 7.3 A vulnerability classified as critical was found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /manage_reserve.php.…
CVE-2025-30403 2025-07-11 HIGH 8.1 A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst versions prior to v2025.07.07.00.
CVE-2025-52089 2025-07-11 MEDIUM 5.4 A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges.
CVE-2025-48924 2025-07-11 MEDIUM 6.5 Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3 3.0 before 3.18.0. The methods ClassUtils.getClass(...) can throw StackOverflowError on…
CVE-2025-7503 2025-07-11 N/A 0.0 An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with undocumented, default credentials. The Telnet service is enabled by default…
CVE-2025-7454 2025-07-11 HIGH 7.3 A vulnerability classified as critical has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected is an unknown function of the file /admin/manage_theater.php. The manipulation…
CVE-2025-7453 2025-07-11 LOW 3.7 A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the function NewToken of the file zpan/internal/app/service/token.go of the…
CVE-2025-3631 2025-07-11 MEDIUM 6.5 An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it.
CVE-2025-30402 2025-07-11 HIGH 8.1 A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects…
CVE-2013-3307 2025-07-11 HIGH 8.3 Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi ping_ip parameter on TCP…
CVE-2025-7452 2025-07-11 MEDIUM 6.3 A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63. It has been declared as critical. This vulnerability affects the function GetFile of the file go-chat/api/v1/file_controller.go of the…
CVE-2025-53642 2025-07-11 MEDIUM 4.8 haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or clear their cookies. Additionally, the application issues a…
CVE-2025-53641 2025-07-11 HIGH 8.2 Postiz is an AI social media scheduling tool. From 1.45.1 to 1.62.3, the Postiz frontend application allows an attacker to inject arbitrary HTTP headers into the middleware pipeline.…
CVE-2025-45582 2025-07-11 MEDIUM 4.1 GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains…
CVE-2025-53519 2025-07-11 MEDIUM 5.4 A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating specific parameters, an attacker could…
CVE-2025-41442 2025-07-11 MEDIUM 5.4 A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS) attack. By manipulating certain input parameters, an attacker…
CVE-2025-45662 2025-07-10 MEDIUM 6.1 A cross-site scripting (XSS) vulnerability in the component /master/login.php of mpgram-web commit 94baadb allows attackers to execute arbitrary Javascript in the context of a user's browser via a…
CVE-2025-28245 2025-07-10 MEDIUM 6.1 Cross-site scripting (XSS) vulnerability in Alteryx Server 2023.1.1.460 allows remote attackers to inject arbitrary web script or HTML via the notification body.
CVE-2025-7450 2025-07-11 MEDIUM 5.4 A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It has been classified as critical. This affects the function ResetUserAvatar of the file controller/api/v1/user.go of the component…
CVE-2025-47964 2025-07-11 MEDIUM 5.4 Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-47963 2025-07-11 MEDIUM 6.3 No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-47182 2025-07-11 MEDIUM 5.6 Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally.
CVE-2025-43856 2025-07-11 N/A 0.0 immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking through oauth2, because the state parameter is not…
CVE-2024-47065 2025-07-11 N/A 0.0 Meshtastic is an open source mesh networking solution. Prior to 2.5.1, traceroute responses from the remote node are not rate limited. Given that there are SNR measurements attributed…
CVE-2025-7029 2025-07-11 N/A 0.0 A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used to derive pointers (OcHeader, OcData) passed into…
CVE-2025-7028 2025-07-11 N/A 0.0 A vulnerability in the Software SMI handler (SwSmiInputValue 0x20) allows a local attacker to supply a crafted pointer (FuncBlock) through RBX and RCX register values. This pointer is…
CVE-2025-7027 2025-07-11 N/A 0.0 A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write…
CVE-2025-7026 2025-07-11 HIGH 8.2 A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0…
CVE-2025-6549 2025-07-11 MEDIUM 6.5 An Incorrect Authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to reach the Juniper Web Device Manager…
CVE-2025-52989 2025-07-11 MEDIUM 5.1 An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to modify…
CVE-2025-52988 2025-07-11 MEDIUM 6.7 An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows…
CVE-2025-52986 2025-07-11 MEDIUM 5.5 A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low…
CVE-2025-52985 2025-07-11 MEDIUM 5.3 A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass security restrictions. When a…
CVE-2025-52984 2025-07-11 MEDIUM 5.9 A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact…
CVE-2025-52983 2025-07-11 HIGH 7.2 A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device.…
CVE-2025-52982 2025-07-11 MEDIUM 5.9 An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC allows an unauthenticated, network-based attacker to cause…
CVE-2025-52981 2025-07-11 HIGH 7.5 An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX1600, SRX2300, SRX 4000 Series, and SRX5000…
CVE-2025-52980 2025-07-11 HIGH 7.5 A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based attacker to cause…