Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2023-36328 Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS). | 9.8 | CRITICAL | β | 0 |
| CVE-2024-37759 DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11286 The WP JobHunt plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.1. This is due to the plugin not properly verifying a user's identity prior to authen... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11285 The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 7.1. This is due to the plugin not properly validating a user's ide... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11284 The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's ide... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-47253 Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25568 SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this because the use-after-free is not in the VPN so... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25565 SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes this because the behavior only allows a user... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-27444 langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-44467 fix and execute arbitrary code via the __import__, __subclasses__, __built... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-39243 An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-24401 SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote attacker to execute arbitrary code via a crafted payload to the monitoringwizard.php component. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-35373 Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-20078 In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-20080 In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. U... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-41313 The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-28288 Ruijie RG-NBR700GW 10.3(4b12) router lacks cookie verification when resetting the password, resulting in an administrator password reset vulnerability. An attacker can use this vulnerability to log in... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-24724 Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template Injection leading to Remote Code Execution because input is passed to the Twig template engine (messeng... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36526 ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-23486 Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-28056 Amazon AWS Amplify CLI before 12.10.1 incorrectly configures the role trust policy of IAM roles associated with Amplify projects. When the Authentication component is removed from an Amplify project, ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-32814 An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-1601 An SQL injection vulnerability exists in the `delete_discussion()` function of the parisneo/lollms-webui application, allowing an attacker to delete all discussions and message data. The vulnerability... | 9.8 | CRITICAL | β | 0 |
| CVE-2007-0681 profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, vi... | 9.8 | CRITICAL | β | 0 |
| CVE-2007-1383 Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destro... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-7105 PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. NOTE: in the original discl... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-7079 Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote attackers to overwrite arbitrary program variables and conduct directory traversal attacks to execute ... | 9.8 | CRITICAL | β | 0 |
| CVE-2006-6975 PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been dis... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-26871 An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2022-45047 Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of severa... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-42765 A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "passwor... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3161 A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a den... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2008-1160 ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-44877 login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2019-7238 Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2022-40293 The application was vulnerable to a session fixation that could be used hijack accounts. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-40504 Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting scripts with many string lit... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-10033 The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (bac... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2023-29492 Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2026-37539 Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of ... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-6207 SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2018-14933 upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2026-42473 Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the filesystem in the FileHandler object. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40942 Tenda TX3 US_TX3V1.0br_V16.03.13.11 is vulnerable to stack overflow via compare_parentcontrol_time. | 9.8 | CRITICAL | β | 0 |
| CVE-2018-1000861 A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allo... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2022-40929 XXL-JOB 2.2.0 has a Command execution vulnerability in background tasks. NOTE: this is disputed because the issues/4929 report is about an intended and supported use case (running arbitrary Bash scrip... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-42484 A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash fil... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-37531 AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename fun... | 9.8 | CRITICAL | β | 0 |
| CVE-2008-5038 Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of serv... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-37534 Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Transfer,allows attackers to write to arbi... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5847 Unraid through 6.8.0 allows Remote Code Execution. | 9.8 | CRITICAL | KEV | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.