Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-30998 An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file. | 7.5 | HIGH | β | 0 |
| CVE-2019-25654 Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User domain field. Attackers can paste a mal... | 7.5 | HIGH | β | 0 |
| CVE-2019-25552 CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submitting an excessively long buffer to the password field. Attackers can paste a la... | 7.5 | HIGH | β | 0 |
| CVE-2026-33184 nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, the discovery handler accepts a peer-controlle... | 7.5 | HIGH | β | 0 |
| CVE-2026-33852 Missing Release of Memory after Effective Lifetime vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11. | 7.5 | HIGH | β | 0 |
| CVE-2026-6319 Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted ... | 7.5 | HIGH | β | 0 |
| CVE-2026-32854 LibVNCServer versions 0.9.15 and prior (fixed inΒ commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote atta... | 7.5 | HIGH | β | 0 |
| CVE-2026-22663 prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to missing isPrivate checks across API endpoints and page metadata generation that allow unauthorized us... | 7.5 | HIGH | β | 0 |
| CVE-2026-33806 Impact: Fastify applications using schema.body.content for per-content-type body validation can have validation bypassed entirely by prepending a space to the Content-Type header. The body is still p... | 7.5 | HIGH | β | 0 |
| CVE-2026-34070 LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized ... | 7.5 | HIGH | β | 0 |
| CVE-2026-40248 free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether the... | 7.5 | HIGH | β | 0 |
| CVE-2026-6308 Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page.... | 7.5 | HIGH | β | 0 |
| CVE-2019-25579 phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to th... | 7.5 | HIGH | β | 0 |
| CVE-2026-33891 Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, a Denial of Service (DoS) vulnerability exists in the node-forge library ... | 7.5 | HIGH | β | 0 |
| CVE-2026-33540 Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, in pull-through cache mode, distribution discovers token auth endpoints by parsing WWW-Authenticate chall... | 7.5 | HIGH | β | 0 |
| CVE-2026-35464 pyLoad is a free and open-source download manager written in Python. The fix for CVE-2026-33509 added an ADMIN_ONLY_OPTIONS set to block non-admin users from modifying security-critical config options... | 7.5 | HIGH | β | 0 |
| CVE-2026-32228 UI / API User with asset materialize permission could trigger dags they had no access to. Users are advised to migrate to Airflow version 3.2.0 that fixes the issue. | 7.5 | HIGH | β | 0 |
| CVE-2026-40481 monetr is a budgeting application for recurring expenses. In versions 1.12.3 and below, the public Stripe webhook endpoint buffers the entire request body into memory before validating the Stripe sign... | 7.5 | HIGH | β | 0 |
| CVE-2026-31676 In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPC_... | 7.5 | HIGH | β | 0 |
| CVE-2026-30230 Flare is a Next.js-based, self-hostable file sharing platform that integrates with screenshot tools. Prior to version 1.7.2, the thumbnail endpoint does not validate the password for passwordβprotecte... | 7.5 | HIGH | β | 0 |
| CVE-2026-2262 The Easy Appointments plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.21 via the `/wp-json/wp/v2/eablocks/ea_appointments/` REST API end... | 7.5 | HIGH | β | 0 |
| CVE-2026-35556 OpenPLC_V3 is vulnerable to a Plaintext Storage of a Password vulnerability that could allow an attacker to retrieve credentials and access sensitive information. | 7.5 | HIGH | β | 0 |
| CVE-2026-5437 An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocate... | 7.5 | HIGH | β | 0 |
| CVE-2018-25294 CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input. Attackers can inject 4000 bytes of data ... | 7.5 | HIGH | β | 0 |
| CVE-2026-34297 Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Knowledge Integration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable ... | 7.5 | HIGH | β | 0 |
| CVE-2026-5426 Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote... | 7.5 | HIGH | β | 0 |
| CVE-2026-28429 Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871, a Path Traversal vulnerability was identified in the gameName parameter. While the application's primary entry points implement... | 7.5 | HIGH | β | 0 |
| CVE-2026-35230 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileg... | 7.5 | HIGH | β | 0 |
| CVE-2026-33204 SimpleJWT is a simple JSON web token library written in PHP. Prior to version 1.1.1, an unauthenticated attacker can perform a Denial of Service via JWE header tampering when PBES2 algorithms are used... | 7.5 | HIGH | β | 0 |
| CVE-2026-4727 Denial-of-service in the Libraries component in NSS. This vulnerability was fixed in Firefox 149 and Thunderbird 149. | 7.5 | HIGH | β | 0 |
| CVE-2026-4726 Denial-of-service in the XML component. This vulnerability was fixed in Firefox 149 and Thunderbird 149. | 7.5 | HIGH | β | 0 |
| CVE-2026-27833 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API method in Piwigo is registered without the admin_only option, allowing unauthenticat... | 7.5 | HIGH | β | 0 |
| CVE-2026-35391 Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, the getClientIP() function in lib/admin/session.ts trusted the first (leftmost) entry of the X-Forwarded-For ... | 7.5 | HIGH | β | 0 |
| CVE-2026-26828 A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-server commit 3d1652d allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP reque... | 7.5 | HIGH | β | 0 |
| CVE-2026-26829 A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through commit c4d57aa allows attackers to cause a Denial of Service (DoS) via sending a series of crafted HTTP re... | 7.5 | HIGH | β | 0 |
| CVE-2026-33554 ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform m... | 7.5 | HIGH | β | 0 |
| CVE-2026-34946 Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a vulnerability where the compilation of the table.fill instruction can resu... | 7.5 | HIGH | β | 0 |
| CVE-2026-40303 zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, endpoints.GetSessionCookie parses an attacker-supplied cookie chunk count and calls make([]string, coun... | 7.5 | HIGH | β | 0 |
| CVE-2026-34486 Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to theΒ fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53... | 7.5 | HIGH | β | 0 |
| CVE-2026-28388 Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A N... | 7.5 | HIGH | β | 0 |
| CVE-2026-31638 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc_input_packet_on_conn() can process a to-client packet after the current cli... | 7.5 | HIGH | β | 0 |
| CVE-2026-31640 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpc_post_response(), the code should be comparing the... | 7.5 | HIGH | β | 0 |
| CVE-2026-41602 Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version... | 7.5 | HIGH | β | 0 |
| CVE-2026-31662 In the Linux kernel, the following vulnerability has been resolved: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG The GRP_ACK_MSG handler in tipc_group_proto_rcv() currently decrements bc_a... | 7.5 | HIGH | β | 0 |
| CVE-2026-32135 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the `uri_param_parse` function of NanoMQ's REST API.... | 7.5 | HIGH | β | 0 |
| CVE-2026-34943 Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a possible panic which can happen when a flags-typed component model value is lifted with the Val ... | 7.5 | HIGH | β | 0 |
| CVE-2026-35246 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileg... | 7.5 | HIGH | β | 0 |
| CVE-2026-33218 NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nats... | 7.5 | HIGH | β | 0 |
| CVE-2026-4652 On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the ... | 7.5 | HIGH | β | 0 |
| CVE-2026-33614 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This c... | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.