Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC). | 9.8 | CRITICAL | β | 0 |
| CVE-2022-45896 Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. Upload2.ashx can be used, or Ajax.asmx/ProcessUpload2. This leads ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-47377 Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLeve... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46682 Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-42813 A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watc... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36046 Infoblox NIOS through 8.6.4 executes with more privileges than required. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46404 A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and Unify OpenScape 4000 Manager (8 before R2.22.18, 10 before 0.28.13, and 10 R1 before R1.34.4) that may ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-45466 In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, attackers can make a crafted request to api/?api=add_server&DHCP= to add an authorized_keys text file in the /resources/ folder. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-45299 An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-45875 Improper validation of script alert plugin parameters in Apache DolphinScheduler to avoid remote command execution vulnerability. This issue affects Apache DolphinScheduler version 3.0.1 and prior ve... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-45467 In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, an unauthenticated attacker can use %00 bytes to cause /user/loader.php to register an arbitrary API key, as demonstrated by a /us... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-42808 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause ke... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24116 Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-13139 In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-42837 An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, wat... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46020 WBCE CMS v1.5.4 can implement getshell by modifying the upload file type. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-33420 A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-39185 EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented hard-coded privileged user. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24117 Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-42529 Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46954 Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=delete_transaction. | 9.8 | CRITICAL | β | 0 |
| CVE-2014-9515 Dozer improperly uses a reflection-based approach to type conversion, which might allow remote attackers to execute arbitrary code via a crafted serialized object. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-38627 Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32665 In Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is no... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-38488 logrocket-oauth2-example through 2020-05-27 allows SQL injection via the /auth/register username parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3515 A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specia... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-39184 EXFO - BV-10 Performance Endpoint Unit authentication bypass User can manually manipulate access enabling authentication bypass. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24119 Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II before 8.3.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46364 A SSRF vulnerability in parsing theΒ href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices tha... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-4357 The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a S... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-4298 The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to downlo... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-4297 The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an unau... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-25748 Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connecti... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40828 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_not_in() function. Note: Multiple third parties have disputed this as... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-4099 The Joy Of Text Lite WordPress plugin before 2.3.1 does not properly sanitise and escape some parameters before using them in SQL statements accessible to unauthenticated users, leading to unauthentic... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-4059 The Cryptocurrency Widgets Pack WordPress plugin before 2.0 does not sanitise and escape some parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leadin... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-4049 The WP User WordPress plugin through 7.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40827 B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where() function. Note: Multiple third parties have disputed this as not a val... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-41220 md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46955 Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/ajax.php?action=save_queue. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-3241 The Build App Online WordPress plugin before 1.0.19 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users, le... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46353 A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-47865 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-47866 Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-47859 Lead Management System v1.0 is vulnerable to SQL Injection via the user_id parameter in changePassword.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-47860 Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-48198 The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-48195 An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-47128 Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-47127 Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd parameter at /goform/WifiBasicSet. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.