Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2020-18716 SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordAction.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-18717 SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execute arbitrary code due to a lack of parameter filtering in inc/zzz_template.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27169 An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. There is a gepon password for the gepon account. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25281 An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the maste... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27170 An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-20623 Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27362 The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26809 PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35339 In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25283 An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3311 An issue was discovered in October through build 471. It reactivates an old session ID (which had been invalid after a logout) once a new login occurs. NOTE: this violates the intended Auth/Manager.ph... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-0254 A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a p... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3148 An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-31572 The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3197 An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API re... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-31571 The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27132 SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25830 A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Us... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-22855 The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25831 A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using t... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-10857 Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-30476 HashiCorp Terraformβs Vault Provider (terraform-provider-vault) did not correctly configure GCE-type bound labels for Vaultβs GCP auth method. Fixed in 2.19.1. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27171 An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell (or tshell). | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3287 Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25039 Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-21426 Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured deser... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-23907 An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Deny of Service, ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-22652 Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25832 A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remot... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25833 A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arb... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26476 EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35314 A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35313 A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary code via a crafted URL to... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-31726 Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. The attack vector is sending a payload to port 189 (default root 0.0.0.0). | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3375 ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25274 The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message Queue) and doesn't set permissions on its private queues. As a result, remote unauthenticated clients ca... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27161 An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 1234 credentials for an ISP. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27160 An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / 888888 credentials for an ISP. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27185 The samba-client package before 4.0.0 for Node.js allows command injection because of the use of process.exec. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27177 An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-30502 The unofficial vscode-ghc-simple (aka Simple Glasgow Haskell Compiler) extension before 0.2.3 for Visual Studio Code allows remote code execution via a crafted workspace configuration with replCommand... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26747 Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27236 An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27153 An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27152 An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded awnfibre / fibre@dm!n credentials for an ISP. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27335 KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27151 An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded rootmet / m3tr0r00t credentials for an ISP. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-35775 CITSmart before 9.1.2.23 allows LDAP Injection. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27234 An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27150 An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.