Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-23899 An improper access check allows unauthorized access to webservice endpoints. | 8.8 | HIGH | β | 0 |
| CVE-2026-35414 OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma chara... | 4.2 | MEDIUM | β | 0 |
| CVE-2026-34834 Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to version 1.4.10, the verifyIdentity() function contained logic that returned true if no session cookies were present. ... | 7.5 | HIGH | β | 0 |
| CVE-2026-27634 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the four date filter parameters (f_min_date_available, f_max_date_available, f_min_date_created, f_max_date_cre... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27833 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API method in Piwigo is registered without the admin_only option, allowing unauthenticat... | 7.5 | HIGH | β | 0 |
| CVE-2026-27834 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability exists in the pwg.users.getList Web Service API method. The filter parameter is d... | 7.2 | HIGH | β | 0 |
| CVE-2026-31313 An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted pa... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-35390 Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, the reverse proxy (proxy.ts) set the Content-Security-Policy-Report-Only header instead of the enforcing Cont... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-35391 Bulwark Webmail is a self-hosted webmail client for Stalwart Mail Server. Prior to 1.4.11, the getClientIP() function in lib/admin/session.ts trusted the first (leftmost) entry of the X-Forwarded-For ... | 7.5 | HIGH | β | 0 |
| CVE-2026-34734 HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-f... | 7.8 | HIGH | β | 0 |
| CVE-2026-32990 Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34486 Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to theΒ fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53... | 7.5 | HIGH | β | 0 |
| CVE-2026-35063 OpenPLC_V3 REST API endpoint checks for JWT presence but never verifies the caller's role. Any authenticated user with role=user can delete any other user, including administrators, by specifying thei... | 8.8 | HIGH | β | 0 |
| CVE-2026-29923 The pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical mem... | 7.8 | HIGH | β | 0 |
| CVE-2026-40107 SiYuan is a personal knowledge management system. Prior to 3.6.4, SiYuan configures Mermaid.js with securityLevel: "loose" and htmlLabels: true. In this mode, <img> tags with src attributes survive Me... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-21915 A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows a local, high privileged attacker to escalate their p... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-35627 OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and pairing policy validation. Attackers can trigger unauthorized pre-... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-40152 PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he list_files() tool in FileTools validates the directory parameter against workspace boundaries via _validate_path(), but passes the p... | 5.3 | MEDIUM | β | 0 |
| CVE-2019-25607 Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers ca... | 8.4 | HIGH | β | 0 |
| CVE-2019-25563 PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability throug... | 6.2 | MEDIUM | β | 0 |
| CVE-2019-25608 Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configu... | 8.4 | HIGH | β | 0 |
| CVE-2019-25609 JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointer... | 8.4 | HIGH | β | 0 |
| CVE-2019-25610 NetNumber Titan Master 7.9.1 contains a path traversal vulnerability in the drp endpoint that allows authenticated users to download arbitrary files by injecting directory traversal sequences. Attacke... | 6.5 | MEDIUM | β | 0 |
| CVE-2019-25612 Admin Express 1.2.5.485 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an alphanumeric encoded payload ... | 7.8 | HIGH | β | 0 |
| CVE-2019-25615 Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License ... | 8.4 | HIGH | β | 0 |
| CVE-2019-25616 AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into th... | 6.2 | MEDIUM | β | 0 |
| CVE-2026-34042 act is a project which allows for local running of github actions. Prior to version 0.2.86, act's built in actions/cache server listens to connections on all interfaces and allows anyone who can conne... | 8.2 | HIGH | β | 0 |
| CVE-2026-21767 HCL BigFix Platform is affected byΒ insufficient authentication.Β The application might allow users to access sensitive areas of the application without proper authentication. | 4.0 | MEDIUM | β | 0 |
| CVE-2026-33613 Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. ... | 7.2 | HIGH | β | 0 |
| CVE-2026-33614 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This c... | 7.5 | HIGH | β | 0 |
| CVE-2026-33615 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This c... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-33616 An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. ... | 7.5 | HIGH | β | 0 |
| CVE-2026-33617 An unauthenticated remote attacker can access a configuration file containing database credentials. This can result in a some loss of confidentiality, but there is no endpoint exposed to use these cre... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34831 Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Files#fail sets the Content-Length response header using String#size instead of String#bytesize. When th... | 4.8 | MEDIUM | β | 0 |
| CVE-2026-34601 xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, ... | 7.5 | HIGH | β | 0 |
| CVE-2026-34725 DbGate is cross-platform database manager. From version 7.0.0 to before version 7.1.5, a stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML... | 8.2 | HIGH | β | 0 |
| CVE-2026-34735 The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. In version 1.2.0 and prior, the quickUpload() endpoint validates uploaded files by checking their MIME ty... | N/A | NONE | β | 0 |
| CVE-2018-25242 One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers c... | 6.2 | MEDIUM | β | 0 |
| CVE-2026-35623 OpenClaw before 2026.3.25 contains a missing rate limiting vulnerability in webhook authentication that allows attackers to brute-force weak webhook passwords without throttling. Remote attackers can ... | 4.8 | MEDIUM | β | 0 |
| CVE-2026-35625 OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.... | 7.8 | HIGH | β | 0 |
| CVE-2026-40393 In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca. | 8.1 | HIGH | β | 0 |
| CVE-2026-27238 InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploita... | 7.8 | HIGH | β | 0 |
| CVE-2026-27283 InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this... | 7.8 | HIGH | β | 0 |
| CVE-2019-25566 TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a mal... | 6.2 | MEDIUM | β | 0 |
| CVE-2026-27776 IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed... | 8.8 | HIGH | β | 0 |
| CVE-2025-52642 HCL AION is affected by a vulnerability where internal filesystem paths may be exposed through application responses or system behaviour. Exposure of internal paths may reveal environment structure de... | 3.3 | LOW | β | 0 |
| CVE-2026-30701 The web interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) contains hardcoded credential disclosure mechanisms (in the form of Server Side Include) within multiple server-side web... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-30702 The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface. The login page does not properly enforce session validation, al... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30703 A command injection vulnerability exists in the web management interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02). The adm.cgi endpoint improperly sanitizes user-supplied input pr... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32027 OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where DM pairing-store identities are incorrectly eligible for group allowlist authorization checks. Attackers can ex... | 6.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.