CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-39942 Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, the PATCH /files/{id} endpoint accepts a user-controlled filename_disk parameter. By setting this val... | 8.5 | HIGH | β | 0 |
| CVE-2026-36232 A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $_GET['c... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-36233 A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-36235 A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly em... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-36236 SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27460 Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a critical Denial of Service (DoS) vulnerability was in the recipe import functiona... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-36922 Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/view_category.php. | 2.7 | LOW | β | 0 |
| CVE-2026-36923 Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/bookings/view_booking.php. | 2.7 | LOW | β | 0 |
| CVE-2026-38528 Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rotten_lead parameter at /Lead/LeadDataGrid.php. | 7.1 | HIGH | β | 0 |
| CVE-2026-38529 A Broken Object-Level Authorization (BOLA) in the /Settings/UserController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily reset user passwords and perform a ful... | 8.8 | HIGH | β | 0 |
| CVE-2026-20945 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network. | 4.6 | MEDIUM | β | 0 |
| CVE-2026-23657 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-27258 DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-27906 Improper input validation in Windows Hello allows an authorized attacker to bypass a security feature locally. | 4.4 | MEDIUM | β | 0 |
| CVE-2026-27907 Integer underflow (wrap or wraparound) in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-27908 Use after free in Windows TDI Translation Driver (tdx.sys) allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | β | 0 |
| CVE-2026-32080 Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally. | 7.0 | HIGH | β | 0 |
| CVE-2026-32189 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | 7.8 | HIGH | β | 0 |
| CVE-2026-33114 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 8.4 | HIGH | β | 0 |
| CVE-2026-33115 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | 8.4 | HIGH | β | 0 |
| CVE-2026-33116 Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network. | 7.5 | HIGH | β | 0 |
| CVE-2026-33120 Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network. | 8.8 | HIGH | β | 0 |
| CVE-2026-33822 Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | 6.1 | MEDIUM | β | 0 |
| CVE-2026-33824 Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33826 Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network. | 8.0 | HIGH | β | 0 |
| CVE-2016-20053 Redaxo CMS 5.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by tricking authenticated administrators into visiting m... | 5.3 | MEDIUM | β | 0 |
| CVE-2016-20055 IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a ma... | 7.8 | HIGH | β | 0 |
| CVE-2026-34783 Ferret is a declarative system for working with web data. Prior to 2.0.0-alpha.4, a path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write... | 8.1 | HIGH | β | 0 |
| CVE-2026-35036 Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, Ech0 implements link preview (editor fetches a page title) through GET /api/website/title. That is le... | 7.5 | HIGH | β | 0 |
| CVE-2026-35489 Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the POST /api/food/{id}/shopping/ endpoint reads amount and unit directly from requ... | 7.3 | HIGH | β | 0 |
| CVE-2026-31040 A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33229 XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.4.8 and 17.10.1, an improperly protected scripting API allows any user with script ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-46945 QD 20230821 is vulnerable to Server-side request forgery (SSRF) via a crafted request | 9.1 | CRITICAL | β | 0 |
| CVE-2026-34578 OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldap_... | 8.2 | HIGH | β | 0 |
| CVE-2026-5440 A memory exhaustion vulnerability exists in the HTTP server due to unbounded use of the `Content-Length` header. The server allocates memory directly based on the attacker supplied header value witho... | 7.5 | HIGH | β | 0 |
| CVE-2026-5441 An out-of-bounds read vulnerability exists in the `DecodePsmctRle1` function of `DicomImageDecoder.cpp`. The `PMSCT_RLE1` decompression routine, which decodes the proprietary Philips Compression forma... | 7.1 | HIGH | β | 0 |
| CVE-2026-5442 A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation (VR) Unsigned Long (UL), instead of the expected VR Unsigned Short (US),... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-5444 A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned a... | 7.1 | HIGH | β | 0 |
| CVE-2026-5445 An out-of-bounds read vulnerability exists in the `DecodeLookupTable` function within `DicomImageDecoder.cpp`. The lookup-table decoding logic used for `PALETTE COLOR` images does not validate pixel i... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-35041 fast-jwt provides fast JSON Web Token (JWT) implementation. From 5.0.0 to 6.2.0, a denial-of-service condition exists in fast-jwt when the allowedAud verification option is configured using a regular ... | 4.2 | MEDIUM | β | 0 |
| CVE-2026-39315 Unhead is a document head and template manager. Prior to 2.1.13, useHeadSafe() is the composable that Nuxt's own documentation explicitly recommends for rendering user-supplied content in <head> safel... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-40168 Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct pr... | 8.2 | HIGH | β | 0 |
| CVE-2026-40188 goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the ... | 7.7 | HIGH | β | 0 |
| CVE-2026-4150 GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is ... | N/A | NONE | β | 0 |
| CVE-2026-4151 GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is ... | N/A | NONE | β | 0 |
| CVE-2026-4152 GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inter... | N/A | NONE | β | 0 |
| CVE-2026-4153 GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inter... | N/A | NONE | β | 0 |
| CVE-2026-34625 Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environm... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-27222 Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the ap... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-27289 Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.... | 7.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.