Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-26131 Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-33977 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-33983 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressive_decompress_tile_upgrade() detects a mismatch via progressive_rfx_quant_cmp_equal() but only emits ... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-66442 In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also aff... | 5.1 | MEDIUM | β | 0 |
| CVE-2025-32957 baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the... | 8.7 | HIGH | β | 0 |
| CVE-2026-21861 baserCMS is a website development framework. Prior to version 5.2.3, baserCMS contains an OS command injection vulnerability in the core update functionality. An authenticated administrator can execut... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-30879 baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a cross-site scripting vulnerability in blog posts. This issue has been patched in version 5.2.3. | 6.1 | MEDIUM | β | 0 |
| CVE-2026-34395 WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/YPTWallet/view/users.json.php endpoint returns all platform users with their personal information and wallet balanc... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34611 WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/emailAllUsers.json.php allows administrators to send HTML emails to every registered user on the p... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34613 WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo endpoint objects/pluginSwitch.json.php allows administrators to enable or disable any installed plugin. The endpoin... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34456 Reviactyl is an open-source game server management panel built using Laravel, React, FilamentPHP, Vite, and Go. From version 26.2.0-beta.1 to before version 26.2.0-beta.5, a vulnerability in the OAuth... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-34515 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This ... | N/A | NONE | β | 0 |
| CVE-2026-34563 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to proper... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-34565 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to proper... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-34571 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, a Stored Cross-Site Scripting (... | 9.9 | CRITICAL | β | 0 |
| CVE-2026-3987 A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code in the context of an elevated syst... | N/A | NONE | β | 0 |
| CVE-2025-0711 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | β | 0 |
| CVE-2026-34519 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the reason parameter when creating a Response may be able to inject ex... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34525 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34531 Flask-HTTPAuth provides Basic, Digest and Token HTTP authentication for Flask routes. Prior to version 4.8.1, in a situation where the client makes a request to a token protected resource without pass... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34736 Open edX Platform enables the authoring and delivery of online learning at any scale. From the maple release to before the ulmo release, an unauthenticated attacker can fully bypass the email verifica... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-4829 Improper authentication in the external OAuth authentication flow in Devolutions Server 2026.1.11 and earlier allows an authenticated user to authenticate as other users, including administrators, via... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-4989 Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated user to perform server-side request forgery (SSRF), potentially leading to inf... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-5175 Improper access control in the multi-factor authentication (MFA) management API in Devolutions Server allows an authenticated attacker to delete their own configured MFA factors and reduce account pro... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-34874 An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0. | 7.5 | HIGH | β | 0 |
| CVE-2026-34872 An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Crypto 1.0. There is a lack of contributory behavior in FFDH due to improper input validation. Using finite-field Diffie-He... | 9.1 | CRITICAL | β | 0 |
| CVE-2025-66485 IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. Β This could allow an attacker to conduct various attacks agai... | 5.4 | MEDIUM | β | 0 |
| CVE-2025-66486 IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the ... | 4.8 | MEDIUM | β | 0 |
| CVE-2025-66487 IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service. | 2.7 | LOW | β | 0 |
| CVE-2026-32173 Improper authentication in Azure SRE Agent allows an unauthorized attacker to disclose information over a network. | 8.6 | HIGH | β | 0 |
| CVE-2026-33105 Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network. | 10.0 | CRITICAL | β | 0 |
| CVE-2026-35507 Shynet before 0.14.0 allows Host header injection in the password reset flow. | 6.4 | MEDIUM | β | 0 |
| CVE-2026-35508 Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters, | 5.4 | MEDIUM | β | 0 |
| CVE-2026-28815 A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime p... | 7.5 | HIGH | β | 0 |
| CVE-2026-35535 In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation. | 7.4 | HIGH | β | 0 |
| CVE-2026-35536 In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters. | 7.2 | HIGH | β | 0 |
| CVE-2026-2366 A flaw was found in Keycloak. An authorization bypass vulnerability in the Keycloak Admin API allows any authenticated user, even those without administrative privileges, to enumerate the organization... | 3.1 | LOW | β | 0 |
| CVE-2026-1668 The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific condit... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-71264 Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service (client crash). | 3.7 | LOW | β | 0 |
| CVE-2026-23242 In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(... | 7.5 | HIGH | β | 0 |
| CVE-2026-29782 OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint ($skip_permis... | 7.2 | HIGH | β | 0 |
| CVE-2026-3692 In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended co... | 8.8 | HIGH | β | 0 |
| CVE-2026-34877 An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the seri... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67102 A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter. | 7.6 | HIGH | β | 0 |
| CVE-2025-67304 In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessibl... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67305 In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network acc... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27413 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Profile Builder Pro allows Blind SQL Injection.This issue affects Profile Builder Pro: ... | 9.3 | CRITICAL | β | 0 |
| CVE-2026-23175 In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndo_set_rx_mode callback in a work queue Commit 1767bb2d47b7 ("ipv6: mcast: Don't hold RTNL for IPV6_ADD_MEMBER... | 7.0 | HIGH | β | 0 |
| CVE-2026-23178 In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() `i2c_hid_xfer` is used to read `recv_len + sizeof(__le16)` byt... | 7.8 | HIGH | β | 0 |
| CVE-2026-23180 In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: add bounds check for if_id in IRQ handler The IRQ handler extracts if_id from the upper 16 bits of the hardware stat... | 7.0 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.