Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-7061 A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv ... | 2.7 | LOW | — | 0 |
| CVE-2024-2305 The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the BootstrapCard link in all versions up to, and including, 1.1.2 due to insufficient input sanitiz... | 6.4 | MEDIUM | — | 0 |
| CVE-2026-5657 iLBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | 5.5 | MEDIUM | — | 0 |
| CVE-2024-2341 The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the keys parameter in all versions up to, and including, 1.6.7.7 ... | 8.8 | HIGH | — | 0 |
| CVE-2026-31693 In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code where... | 7.8 | HIGH | — | 0 |
| CVE-2026-6421 A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The manipulation leads to uncontrolled search path. An attack has ... | 7.0 | HIGH | — | 0 |
| CVE-2026-5234 The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists because the OsStripeConnectController::create... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-6080 The Tutor LMS plugin for WordPress is vulnerable to SQL Injection in versions up to and including 3.9.8. This is due to insufficient escaping on the 'date' parameter combined with direct interpolation... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-5797 The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insufficient input sanitization and the execution ... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-7067 A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FS__sinfo_serialize_node_cb of the file src/H5FScache.c. The manipulation leads to heap-ba... | 3.3 | LOW | — | 0 |
| CVE-2024-3119 A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in si... | 9.0 | CRITICAL | — | 0 |
| CVE-2024-3120 A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size b... | 9.0 | CRITICAL | — | 0 |
| CVE-2024-3214 The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrust... | 5.8 | MEDIUM | — | 0 |
| CVE-2025-7068 A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacki... | 3.3 | LOW | — | 0 |
| CVE-2024-3528 A vulnerability was found in Campcodes Complete Online Student Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file units_view.php. The... | 3.5 | LOW | — | 0 |
| CVE-2024-3529 A vulnerability was found in Campcodes Complete Online Student Management System 1.0. It has been classified as problematic. This affects an unknown part of the file students_view.php. The manipulatio... | 3.5 | LOW | — | 0 |
| CVE-2024-3530 A vulnerability was found in Campcodes Complete Online Student Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file Marks_view.php. The manip... | 3.5 | LOW | — | 0 |
| CVE-2024-3531 A vulnerability was found in Campcodes Complete Online Student Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file courses_view.php. The man... | 3.5 | LOW | — | 0 |
| CVE-2024-3532 A vulnerability classified as problematic has been found in Campcodes Complete Online Student Management System 1.0. Affected is an unknown function of the file attendance_view.php. The manipulation o... | 3.5 | LOW | — | 0 |
| CVE-2024-3533 A vulnerability classified as problematic was found in Campcodes Complete Online Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file academic_year_vie... | 3.5 | LOW | — | 0 |
| CVE-2017-11349 dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-4545 A security flaw has been discovered in Flos Freeware Notepad2 4.2.25. This affects an unknown function in the library PROPSYS.dll. Performing a manipulation results in uncontrolled search path. The at... | 7.0 | HIGH | — | 0 |
| CVE-2024-25935 Missing Authorization vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.2.5.9. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-3541 A vulnerability classified as problematic has been found in Campcodes Church Management System 1.0. This affects an unknown part of the file /admin/admin_user.php. The manipulation of the argument fir... | 3.5 | LOW | — | 0 |
| CVE-2024-3542 A vulnerability classified as problematic was found in Campcodes Church Management System 1.0. This vulnerability affects unknown code of the file /admin/add_visitor.php. The manipulation of the argum... | 3.5 | LOW | — | 0 |
| CVE-2024-0159 Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerability, leading to Denial of Service on local system. | 6.7 | MEDIUM | — | 0 |
| CVE-2024-22450 Dell Alienware Command Center, versions prior to 6.2.7.0, contain an uncontrolled search path element vulnerability. A local malicious user could potentially inject malicious files in the file search ... | 7.4 | HIGH | — | 0 |
| CVE-2024-22448 Dell BIOS contains an Out-of-Bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service. | 4.7 | MEDIUM | — | 0 |
| CVE-2024-20759 Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to in... | 8.1 | HIGH | — | 0 |
| CVE-2022-4975 A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/* endpoints, the front-end genera... | 8.9 | HIGH | — | 0 |
| CVE-2024-1625 An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary application version 0.3.0, allowing unauthorized deletion of any organization's project. The vulnerability is du... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-1741 lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members to read, create, modify, and delete prompt templates using an old authorization token. Despite being re... | 9.1 | CRITICAL | — | 0 |
| CVE-2024-3612 A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file barang.php. The... | 3.5 | LOW | — | 0 |
| CVE-2024-3613 A vulnerability was found in SourceCodester Warehouse Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file supplier.php. The manipu... | 3.5 | LOW | — | 0 |
| CVE-2024-11348 Eura7 CMSmanager in version 4.6 and below is vulnerable to Reflected XSS attacks through manipulation of return GET request parameter sent to a specific endpoint. The vulnerability has been fixed by a... | N/A | NONE | — | 0 |
| CVE-2024-3614 A vulnerability classified as problematic has been found in SourceCodester Warehouse Management System 1.0. This affects an unknown part of the file customer.php. The manipulation of the argument nama... | 3.5 | LOW | — | 0 |
| CVE-2024-3616 A vulnerability classified as problematic was found in SourceCodester Warehouse Management System 1.0. This vulnerability affects unknown code of the file pengguna.php. The manipulation of the argumen... | 3.5 | LOW | — | 0 |
| CVE-2024-3617 A vulnerability, which was classified as critical, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This issue affects some unknown processing of the file /control/d... | 4.7 | MEDIUM | — | 0 |
| CVE-2024-3618 A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file /control/activate_case.php... | 4.7 | MEDIUM | — | 0 |
| CVE-2024-30390 An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service (... | 5.3 | MEDIUM | — | 0 |
| CVE-2024-3619 A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /c... | 4.7 | MEDIUM | — | 0 |
| CVE-2024-3620 A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /control/adds... | 4.7 | MEDIUM | — | 0 |
| CVE-2024-3621 A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been classified as critical. This affects an unknown part of the file /control/register_case.php. ... | 4.7 | MEDIUM | — | 0 |
| CVE-2024-30916 An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in Dura... | 7.1 | HIGH | — | 0 |
| CVE-2024-40620 CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption of sensitive information. The vulnerability results in data being sent between the Console and the Dashb... | 7.5 | HIGH | — | 0 |
| CVE-2024-21598 An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated at... | 7.5 | HIGH | — | 0 |
| CVE-2024-21605 An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denia... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-21615 An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos... | 5.0 | MEDIUM | — | 0 |
| CVE-2024-21618 An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated att... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-3690 A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation lead... | 6.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.