Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-5622 A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-33792 netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the tracert page. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-39236 Gradio v4.36.1 was discovered to contain a code injection vulnerability via the component /gradio/component_meta.py. This vulnerability is triggered via a crafted input. NOTE: the supplier disputes th... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-53552 CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-38993 rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) vi... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-53947 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows att... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-33789 Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl parameter at /API/info form endpoint. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-47208 Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.17. Users are recommended t... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-5822 A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions <= ChuanhuChatGPT-20240410-git.zip. This vulnerability allows attack... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-44148 Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to execute arbitrary code via the failure.aspx component | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27520 BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been ident... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-47869 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats str... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6121 A vulnerability, which was classified as critical, has been found in D-Link DIR-632 FW103B08. Affected by this issue is the function get_pure_content of the component HTTP POST Request Handler. The ma... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-3365 A missing protection against path traversal allows to access any file on the server. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-4631 The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktend_object endpoint in versions 2.0.6.0 to 2.1.1.3. This makes it possible to tr... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-5600 A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manip... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-4607 The PSW Front-end Login & Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.12 via the customer_registration() function. This is due to th... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-56325 Authentication Bypass Issue If the path does not contain / and contain., authentication is not required. Expected Normal Request and Response Example curl -X POST -H "Content-Type: application/json... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-35285 A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-35314 A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an unauthenticated attacker to conduct a comm... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-44546 Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-49825 Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-45208 The Versa Director SD-WAN orchestration platform which makes use of Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability (... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-24288 The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts (most with sudo access) that utilize the same ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10901 In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attacker... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-4738 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection.This issue affects MY ERP: before 1.170. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-30139 An issue was discovered on G-Net Dashcam BB GONX devices. Default credentials for SSID cannot be changed. It broadcasts a fixed SSID with default credentials that cannot be changed. This allows any ne... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-26785 MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the Maria... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-25254 SuperScan v4.1 was discovered to contain a buffer overflow via the Hostname/IP parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-45216 Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-32105 A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10835 In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-46535 Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter at /homePortal/loadUserMsg. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-48481 FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email invitation containing invite_hash, can exploit this vulnerability to self-... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-32106 In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result in an unauthenticated remote user's ability to execute unauthorized code. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36846 A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library.Β Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46352 The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password cannot be altered, allo... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-41438 The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every install... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29953 Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted se... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-29756 In afe_callback of q6afe.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User inte... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-1907 Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11286 The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1. This is due to the plugin not properly verifying a user's identity prior to authen... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-49001 DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a J... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-49002 DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch for CVE-2025-32966 that allow the patch to be bypassed through ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11285 The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 7.1. This is due to the plugin not properly validating a user's ide... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-5486 The WP Email Debug plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the WPMDBUG_handle_settings() function in versions 1.0 to 1.1.0. This makes it possib... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-51211 SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the resetuserinfo.php file. The vulnerability is due to improper input validation of the $username_stn_id param... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11284 The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's ide... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-23086 Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was n... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9194 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Linux and Microsoft Windows Octopus Server on Windows, Linux allows SQL Injection.This issue affec... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.