CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-12419 Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail to properly validate OAuth state tokens during OpenID Connect authentication which allows an authen... | 9.9 | CRITICAL | – | 0 |
| CVE-2026-30956 OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, a low-privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 and earlier by sending ... | 9.9 | CRITICAL | – | 0 |
| CVE-2024-9307 The mFolio Lite plugin for WordPress is vulnerable to file uploads due to a missing capability check in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, wi... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-49746 Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | 9.9 | CRITICAL | – | 0 |
| CVE-2023-20036 A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected ... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-49747 Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. | 9.9 | CRITICAL | – | 0 |
| CVE-2025-46157 An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form. | 9.9 | CRITICAL | – | 0 |
| CVE-2025-40585 A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker to gain control of G5DFR comp... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-3498 An unauthenticated user with management network access can get and modify the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) configuration. The device has two web servers that expose unauthent... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-46093 LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers ... | 9.9 | CRITICAL | – | 0 |
| CVE-2024-32514 Unrestricted Upload of File with Dangerous Type vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker. This issue affects WP Poll Maker: from n/a through 3.4. | 9.9 | CRITICAL | – | 0 |
| CVE-2025-67164 An authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arbitrary code via uploading a crafted PHP file. | 9.9 | CRITICAL | – | 0 |
| CVE-2025-21556 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported version that is affected is 9.3.6. Easily exploitable vulnerabil... | 9.9 | CRITICAL | – | 0 |
| CVE-2023-45162 Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution. Application of the relevant hotfix remediates this issue. for v8.1.2 apply hotfix Q... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-29972 Server-side request forgery (ssrf) in Azure Storage Resource Provider allows an authorized attacker to perform spoofing over a network. | 9.9 | CRITICAL | – | 0 |
| CVE-2024-46986 Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authentica... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-68613 n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their work... | 9.9 | CRITICAL | KEV | 0 |
| CVE-2017-16278 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the ... | 9.9 | CRITICAL | – | 0 |
| CVE-2017-16274 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the ... | 9.9 | CRITICAL | – | 0 |
| CVE-2017-16289 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the ... | 9.9 | CRITICAL | – | 0 |
| CVE-2026-24304 Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network. | 9.9 | CRITICAL | – | 0 |
| CVE-2017-16271 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the ... | 9.9 | CRITICAL | – | 0 |
| CVE-2017-16290 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the ... | 9.9 | CRITICAL | – | 0 |
| CVE-2026-22797 An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails... | 9.9 | CRITICAL | – | 0 |
| CVE-2024-37906 Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.3.9, there is an SQL Injection in the `/adm_program/modules/ecards/ecard_sen... | 9.9 | CRITICAL | – | 0 |
| CVE-2022-23603 iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. In code before commit 24f43aa user input is not properly sanitized and code injection is possible. Users ... | 9.9 | CRITICAL | – | 0 |
| CVE-2022-34827 Carel Boss Mini 1.5.0 has Improper Access Control. | 9.9 | CRITICAL | – | 0 |
| CVE-2024-25909 Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder. This issue affects WP Media folder: from n/a through 5.7.2. | 9.9 | CRITICAL | – | 0 |
| CVE-2025-0471 Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-2605 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before... | 9.9 | CRITICAL | – | 0 |
| CVE-2024-20253 A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vul... | 9.9 | CRITICAL | – | 0 |
| CVE-2023-3342 The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hardcoded encryption key and missing file type validation on the 'ur_upload_profile_pic' function in version... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-49013 WilderForge is a Wildermyth coremodding API. A critical vulnerability has been identified in multiple projects across the WilderForge organization. The issue arises from unsafe usage of `${{ github.ev... | 9.9 | CRITICAL | – | 0 |
| CVE-2023-40714 A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to escalate privilege via uploading certain GUI elements. | 9.9 | CRITICAL | – | 0 |
| CVE-2025-4981 Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to wr... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-26892 Unrestricted Upload of File with Dangerous Type vulnerability in dkszone Celestial Aura allows Using Malicious Files. This issue affects Celestial Aura: from n/a through 2.2. | 9.9 | CRITICAL | – | 0 |
| CVE-2024-29202 JumpServer is an open source bastion host and an operation and maintenance security audit system. Attackers can exploit a Jinja2 template injection vulnerability in JumpServer's Ansible to execute arb... | 9.9 | CRITICAL | – | 0 |
| CVE-2023-25765 In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to by... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-20051 Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitr... | 9.9 | CRITICAL | – | 0 |
| CVE-2024-30500 Unrestricted Upload of File with Dangerous Type vulnerability in CubeWP – All-in-One Dynamic Content Framework. This issue affects CubeWP – All-in-One Dynamic Content Framework: from n/a through... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-42922 SAP NetWeaver AS Java allows an attacker authenticated as a non-administrative user to use a flaw in an available service to upload an arbitrary file. This file when executed can lead to a full compro... | 9.9 | CRITICAL | – | 0 |
| CVE-2017-16307 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the ... | 9.9 | CRITICAL | – | 0 |
| CVE-2026-21708 A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. | 9.9 | CRITICAL | – | 0 |
| CVE-2024-56404 In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR) vulnerability allows privilege escalation. Only On-Premise installations are affected. | 9.9 | CRITICAL | – | 0 |
| CVE-2026-39888 PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", which runs user code in a subprocess wrapped with a ... | 9.9 | CRITICAL | – | 0 |
| CVE-2024-25693 There is a path traversal in Esri Portal for ArcGIS versions <= 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code ou... | 9.9 | CRITICAL | – | 0 |
| CVE-2026-29789 Vito is a self-hosted web application that helps manage servers and deploy PHP applications into production servers. Prior to version 3.20.3, a missing authorization check in workflow site-creation ac... | 9.9 | CRITICAL | – | 0 |
| CVE-2022-43684 ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality. Additional Details This issue is present in the following su... | 9.9 | CRITICAL | – | 0 |
| CVE-2026-39355 Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the genealogy application allows any authenticated user to transfer ownership of arbitrary... | 9.9 | CRITICAL | – | 0 |
| CVE-2026-27495 n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, an authenticated user with permission to create or modify workflows could exploit a vulnerability in ... | 9.9 | CRITICAL | – | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.