Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2023-23279 Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-24774 Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \controller\auth\Auth.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-12248 Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could resul... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-0680 Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35583 wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the a... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-25899 Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30053 In Toll Tax Management System 1.0, the id parameter appears to be vulnerable to SQL injection attacks. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-21119 SQL Injection vulnerability in Kliqqi-CMS 2.0.2 in admin/admin_update_module_widgets.php in recordIDValue parameter, allows attackers to gain escalated privileges and execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-26283 Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows attackers to dump the application's d... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-24093 An access control issue in H3C A210-G A210-GV100R005 allows attackers to authenticate without a password. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-43140 SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-49803 IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-40021 QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283) was discovered to contain a command injection vulnerability. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-22855 Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combi... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-23064 TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-24905 WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_codigobarras_cobranca.php` endpoint. This vulnerability could allow an a... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-13873 An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-54756 A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1 allows attackers to execute arbitrary code via supplying a crafted PK3 file containing a malicious ZScr... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-32041 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-57401 SQL Injection vulnerability in Uniclare Student portal v.2 and before allows a remote attacker to execute arbitrary code via the Forgot Password function. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46892 In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-35261 File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Uedi... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-26092 Liima before 1.17.28 allows server-side template injection. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-57595 DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGl interface apc_client_pin.cgi, which allows remote attackers to execute arbitrary commands via the parameter "wps_p... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-0674 Multiple Elber products are affected by an authentication bypass vulnerability which allows unauthorized access to the password management functionality. Attackers can exploit this issue by manipul... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-1061 The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.16. This is due to insufficient verification on the user being supplied d... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-13182 The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_parse_request' ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-0316 The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_conta... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25286 Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be possible in web-accessibl... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-13011 The WP Foodbakery plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'upload_publisher_profile_image' function in versions up to, and includin... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9862 The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 3.6.0. This is due to the plugin providing user-con... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-24220 LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-48323 Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victi... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-12366 PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution (RCE) instead of the intended explanation of th... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-48322 NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-52295 DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the code, and the UID and OI... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-53320 Qualisys C++ SDK commit a32a21a was discovered to contain multiple stack buffer overflows via the GetCurrentFrame, SaveCapture, and LoadProject functions. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-26093 Liima before 1.17.28 allows Hibernate query language (HQL) injection, related to colToSort in the deployment filter. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-23453 Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05 allows an unprivileged remote attacker to achieve arbitrary remote code execution via maliciously craf... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25530 Buffer overflow vulnerability in Digital China DCBI-Netlog-LAB Gateway 1.0 due to the lack of length verification, which is related to saving parental control configuration information. Attackers who ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-48337 GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-1044 Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. A... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-46400 KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-46401 KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-24219 LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-13545 The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.9 via the path parameter. This makes it possible for unauthenticated attacker... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10285 The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attacke... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-24352 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-24351 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-24350 D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.