Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-53767 Azure OpenAI Elevation of Privilege Vulnerability | 10.0 | CRITICAL | β | 0 |
| CVE-2025-30012 The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-49132 Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to e... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-41240 Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document root. In affected versions, this can lead to unauthe... | 10.0 | CRITICAL | β | 0 |
| CVE-2021-34770 A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unaut... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-39761 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code exec... | 10.0 | CRITICAL | β | 0 |
| CVE-2022-24816 JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as th... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2022-22536 SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenati... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2024-36258 A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-56731 Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-51745 Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so ... | 10.0 | CRITICAL | β | 0 |
| CVE-2022-20700 Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arb... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2024-2227 This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces (JSF) 2.2.20 documented in CVE-2020-6950. The remedi... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-39760 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code exec... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-28354 There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb[%d].username in... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-11317 Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.Β Affected products: ABB ASPECT - Enterpr... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-46348 YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictab... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-29902 Remote code execution that allows unauthorized users to execute arbitrary code on the server machine. | 10.0 | CRITICAL | β | 0 |
| CVE-2025-6512 On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-34166 An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrar... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-39608 A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary firmware update. An attacker can send... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-39754 A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets t... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-50567 Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-25139 In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code... | 10.0 | CRITICAL | β | 0 |
| CVE-2017-16845 hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. | 10.0 | CRITICAL | β | 0 |
| CVE-2025-41243 Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: * The applicatio... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-38586 An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions. | 10.0 | CRITICAL | β | 0 |
| CVE-2023-40455 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-44146 A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-39759 Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code exec... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-37099 Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-56799 Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-25096 Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affects Canto: from n/a through 3.0.7. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-31351 Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copymatic β AI Content Writer & Generator.This issue affects Copymatic β AI Content Writer & Generator: from n/a through 1.6. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-2389 In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.Β An unauthenticated userΒ can gain entry to the system via the Flowmon manageme... | 10.0 | CRITICAL | β | 0 |
| CVE-2022-42497 Arbitrary Code Execution vulnerability in Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-50704 Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-50707 Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via the X-Forwarded-For header in an HTTP GET request. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-31996 XWiki Platform is a generic wiki platform. Starting in version 3.0.1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, the HTML escaping of escaping tool that is used in XWiki doesn't escape `{`,... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-56829 Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-7591 Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: * LoadMaster: 7.2.40.0 and above * ECS: All versions * Multi-Tenancy: 7.1.35.4 and abo... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-41672 A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-27957 Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register.This issue affects Pie Register: from n/a through 3.8.3.1. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-36290 A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An at... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-11639 An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain administrative access | 10.0 | CRITICAL | β | 0 |
| CVE-2024-30510 Unrestricted Upload of File with Dangerous Type vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 9.5. | 10.0 | CRITICAL | β | 0 |
| CVE-2017-12905 Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php. | 10.0 | CRITICAL | β | 0 |
| CVE-2025-26701 An issue was discovered in Percona PMM Server (OVA) before 3.0.0-1.ova. The default service account credentials can lead to SSH access, use of Sudo to root, and sensitive data exposure. This is fixed ... | 10.0 | CRITICAL | β | 0 |
| CVE-2017-8110 www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php. | 10.0 | CRITICAL | β | 0 |
| CVE-2025-54119 ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attack... | 10.0 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.