Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2016-4999 SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to e... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-9053 An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a ... | 9.8 | CRITICAL | β | 0 |
| CVE-2015-0573 drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows att... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-7480 The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-2148 Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. | 9.8 | CRITICAL | β | 0 |
| CVE-2016-9052 An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow ... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-7567 Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string. | 9.8 | CRITICAL | β | 0 |
| CVE-2016-3078 Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-5005 Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to e... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-9558 (1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negatio... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-5340 Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-5772 Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denia... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-9054 An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow ... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-9157 A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to cause a Denial of Service condition and potentially lead to unauthenticated remote code execution by s... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-5941 An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScr... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-10045 The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction bet... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-5771 spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute ... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-10160 Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibl... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-13880 IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds write. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-31654 Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-42142 An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-0808 Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) | 9.8 | CRITICAL | β | 0 |
| CVE-2023-44077 Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-27447 pretix before 2024.1.1 mishandles file validation. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-31673 Kliqqi-CMS 2.0.2 is vulnerable to SQL Injection in load_data.php via the userid parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-32370 An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php comp... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-6623 The Essential Blocks WordPress plugin before 4.4.3 does not prevent unauthenticated attackers from overwriting local variables when rendering templates over the REST API, which may lead to Local File ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22968 An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions | 9.8 | CRITICAL | β | 0 |
| CVE-2024-35374 Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentially command injection... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-22638 liveSite v2019.1 was discovered to contain a remote code execution (RCE) vulenrabiity via the component /livesite/edit_designer_region.php or /livesite/add_email_campaign.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-6049 The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unserializes user input via some of its cookies, which could allow unauthenticated users to perform PHP Object Injection when a suitable ga... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-23088 The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer. While a FreeBSD Wi-Fi client is in scanning mode (i.e., not a... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-28441 File Upload vulnerability in magicflue v.7.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the messageid parameter of the mail/mailupdate.jsp endpoint. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-29858 In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-46226 Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-35373 Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-57684 An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-20082 In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed f... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-25722 qanything_kernel/connector/database/mysql/mysql_client.py in qanything.ai QAnything before 1.2.0 allows SQL Injection. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-35324 Douchat 4.0.5 suffers from an arbitrary file upload vulnerability via Public/Plugins/webuploader/server/preview.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-42637 H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-42639 H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-3701 The system application (com.transsion.kolun.aiservice) component does not perform an authentication check, which allows attackers to perform malicious exploitations and affect system services. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-27438 Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files used for JDBC catalog is not checked and mayΒ resulting in remote command execution. Once the attacker is a... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-23086 Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was n... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49262 The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-38317 An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file t... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-38318 An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49255 The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. If any other user is ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-49253 Root user password is hardcoded into the device and cannot be changed in the user interface. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.