CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | Description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|---|
| CVE-2026-5437 | An out-of-bounds read vulnerability exists in `DicomStreamReader` during DICOM meta-header parsing. When processing malformed metadata structures, the parser may read beyond the bounds of the allocate... | 7.5 | HIGH | – | 0 |
| CVE-2026-4116 | Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication. | 7.2 | HIGH | – | 0 |
| CVE-2026-4114 | Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authentication. | N/A | NONE | – | 0 |
| CVE-2026-4113 | An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials. | 7.2 | HIGH | – | 0 |
| CVE-2026-4112 | Improper neutralization of special elements used in an SQL command ('SQL Injection') in SonicWall SMA1000 series appliances allows a remote authenticated attacker with read-only administrator privileg... | N/A | NONE | – | 0 |
| CVE-2026-34757 | LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from... | 5.1 | MEDIUM | – | 0 |
| CVE-2026-34578 | OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldap_... | 8.2 | HIGH | – | 0 |
| CVE-2025-70811 | Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the Admin Control Panel icon management functionality. | 4.3 | MEDIUM | – | 0 |
| CVE-2025-70810 | Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the login function and the authentication mechanism. | 8.8 | HIGH | – | 0 |
| CVE-2025-62718 | Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking NO_PROXY rules. Requests to loopback ... | 9.9 | CRITICAL | – | 0 |
| CVE-2025-50228 | Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules. | 9.1 | CRITICAL | – | 0 |
| CVE-2026-4660 | HashiCorp's go-getter library up to v1.8.5 may allow arbitrary file reads on the file system during certain git operations through a maliciously crafted URL. This vulnerability, CVE-2026-4660, is fixe... | 7.5 | HIGH | – | 0 |
| CVE-2025-45806 | A cross-site scripting (XSS) vulnerability in rrweb-snapshot before v2.0.0-alpha.18 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 | MEDIUM | – | 0 |
| CVE-2026-3005 | The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'catlist' shortcode in all versions up to, and including, 0.94.0 due to insufficient input sa... | 6.4 | MEDIUM | – | 0 |
| CVE-2026-2519 | The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due ... | 5.3 | MEDIUM | – | 0 |
| CVE-2026-24661 | Mattermost Plugins versions <=2.1.3.0 fail to limit the request body size on the {{/changes}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service v... | 3.7 | LOW | – | 0 |
| CVE-2026-21388 | Mattermost Plugins versions <=2.3.1 fail to limit the request body size on the {{/lifecycle}} webhook endpoint which allows an authenticated attacker to cause memory exhaustion and denial of service v... | 3.7 | LOW | – | 0 |
| CVE-2025-57735 | When a user logged out, the JWT token the user had authenticated with was not invalidated, which could lead to reuse of that token in case it was intercepted. In Airflow 3.2 we implemented the mechanis... | 9.1 | CRITICAL | – | 0 |
| CVE-2024-1490 | An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may all... | 7.2 | HIGH | – | 0 |
| CVE-2026-4901 | Hydrosystem Control System saves sensitive information into a log file. Critically, user credentials are logged allowing the attacker to obtain further authorized access into the system. Combined with... | 6.5 | MEDIUM | – | 0 |
| CVE-2026-34538 | Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role. This behavior conflicts with t... | 6.5 | MEDIUM | – | 0 |
| CVE-2026-34185 | Hydrosystem Control System is vulnerable to SQL Injection across most scripts and input parameters. Because no protections are in place, an authenticated attacker can inject arbitrary SQL commands, po... | 8.8 | HIGH | – | 0 |
| CVE-2026-34184 | Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically th... | 9.1 | CRITICAL | – | 0 |
| CVE-2026-34179 | In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint}... | 9.1 | CRITICAL | – | 0 |
| CVE-2026-34178 | In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a s... | 9.1 | CRITICAL | – | 0 |
| CVE-2026-34177 | Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go), which omits raw.apparmor and raw.qemu.conf from the set of ke... | 9.1 | CRITICAL | – | 0 |
| CVE-2025-62188 | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, includ... | 7.5 | HIGH | – | 0 |
| CVE-2026-5854 | A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a... | 9.8 | CRITICAL | – | 0 |
| CVE-2026-5853 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI ... | 9.8 | CRITICAL | – | 0 |
| CVE-2026-5852 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the arg... | 9.8 | CRITICAL | – | 0 |
| CVE-2026-5851 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of th... | 9.8 | CRITICAL | – | 0 |
| CVE-2026-5850 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the ... | 9.8 | CRITICAL | – | 0 |
| CVE-2026-5849 | A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack m... | 7.3 | HIGH | – | 0 |
| CVE-2026-5848 | A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data... | 4.7 | MEDIUM | – | 0 |
| CVE-2026-5847 | A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipula... | 4.3 | MEDIUM | – | 0 |
| CVE-2026-5844 | A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress... | 7.2 | HIGH | – | 0 |
| CVE-2026-5842 | A security vulnerability has been detected in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the component Administrative API Endpoint. The manipulation ... | 7.3 | HIGH | – | 0 |
| CVE-2026-5841 | A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal.... | 7.3 | HIGH | – | 0 |
| CVE-2026-5840 | A security flaw has been discovered in PHPGurukul News Portal Project 4.1. Impacted is an unknown function of the file /admin/check_availability.php. Performing a manipulation of the argument Username... | 4.7 | MEDIUM | – | 0 |
| CVE-2026-5839 | A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescript... | 4.7 | MEDIUM | – | 0 |
| CVE-2026-5838 | A vulnerability was determined in PHPGurukul News Portal Project 4.1. This vulnerability affects unknown code of the file /admin/add-subadmins.php. This manipulation of the argument sadminusername cau... | 4.7 | MEDIUM | – | 0 |
| CVE-2026-5742 | The UsersWP plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.2.60. This is due to insufficient input sanitization of user-supplied URL fields and imp... | 6.4 | MEDIUM | – | 0 |
| CVE-2026-4336 | The Ultimate FAQ Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via FAQ content in all versions up to, and including, 2.4.7. This is due to the plugin calling html_entity_... | 6.4 | MEDIUM | – | 0 |
| CVE-2026-1830 | The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints tha... | 9.8 | CRITICAL | – | 0 |
| CVE-2026-5837 | A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The atta... | 7.3 | HIGH | – | 0 |
| CVE-2026-5836 | A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /admin/admin_product.php. The manipulation of the argument produ... | 2.4 | LOW | – | 0 |
| CVE-2026-5835 | A flaw has been found in code-projects Online Shoe Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin_football.php. Executing a manipulation of the argument... | 2.4 | LOW | – | 0 |
| CVE-2026-5834 | A vulnerability was detected in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_running.php. Performing a manipulation of the argument product_name result... | 2.4 | LOW | – | 0 |
| CVE-2026-5833 | A security vulnerability has been detected in awwaiid mcp-server-taskwarrior up to 1.0.1. This impacts the function server.setRequestHandler of the file index.ts. Such manipulation of the argument Ide... | 5.3 | MEDIUM | – | 0 |
| CVE-2026-5357 | The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sid' parameter of the 'wpdm_members' shortcode in versions up to and including 3.3.52. This is due to in... | 6.4 | MEDIUM | – | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.