Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2019-18387 Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit pa... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-1373 A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8044 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-12719 An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to up... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-2159 Monkey HTTP Daemon: broken user name authentication | 9.8 | CRITICAL | β | 0 |
| CVE-2019-18925 Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-18655 File Sharing Wizard version 1.5.0 build 2008 is affected by a Structured Exception Handler based buffer overflow vulnerability. An unauthenticated attacker is able to perform remote command execution ... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-12262 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8042 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-18658 In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc... | 9.8 | CRITICAL | β | 0 |
| CVE-2011-2936 Elgg through 1.7.10 has a SQL injection vulnerability | 9.8 | CRITICAL | β | 0 |
| CVE-2011-2897 gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8041 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-18852 Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L ... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-15052 The HTTP client in Gradle before 5.6 sends authentication credentials originally destined for the configured host. If that host returns a 30x redirect, Gradle also sends those credentials to all subse... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8036 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-2166 python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8031 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8030 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-7965 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8214 Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after fre... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8029 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8003 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-16700 The slub_events (aka SLUB: Event Registration) extension through 3.0.2 for TYPO3 allows uploading of arbitrary files to the webserver. For versions 1.2.2 and below, this results in Remote Code Executi... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-15260 A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. The vulnerabili... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8006 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-17270 Yachtcontrol through 2019-10-06: It's possible to perform direct Operating System commands as an unauthenticated user via the "/pages/systemcall.php?command={COMMAND}" page and parameter, where {COMMA... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8215 Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after fre... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8009 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2012-1577 lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-4521 Platform System Manager in IBM Cloud Pak System 2.3 is potentially vulnerable to CVS Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv f... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-18394 A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-18671 Insufficient checks in the USB packet handling of the ShapeShift KeepKey hardware wallet before firmware 6.2.2 allow out-of-bounds writes in the .bss segment via crafted messages. The vulnerability co... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8015 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8016 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8017 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8028 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-16674 An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 16102415, IE-SW-VL08MT 3.5.2 Build 16102415, and IE-SW-PL10M 3.3.16 Build 16102416 devices. Authentication Information used in a cookie i... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-7282 The username parameter of the TITool PrintMonitor solution during the login request is vulnerable to and/or time-based blind SQLi. | 9.8 | CRITICAL | β | 0 |
| CVE-2013-2167 python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8022 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8023 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8024 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8025 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8026 Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-5096 An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8195 Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted poi... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8220 Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-8221 Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after fre... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-12017 A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON framework that is used in the CLDB code that handles login and ticket issuance. An attacker can use the 'class'... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.