Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-25997 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called f... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-50981 An unauthenticated remote attacker can gain full access on the affected devices as they are shipped without a password by default and setting one is not enforced. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21656 Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection.Β Insufficient validation of input in certain parameters may ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21854 The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, an authentication bypass vulnerability in the login endpoint allows any unauthenticated user to gain full ad... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24108 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and conc... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-54329 Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's pr... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23906 Affected Products and Versions * Apache Druid * Affected Versions: 0.17.0 through 35.x (all versions prior to 36.0.0) * Prerequisites: * druid-basic-security extension enabled * LDAP aut... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23518 Fleet is open source device management software. In versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3, a vulnerability in Fleet's Windows MDM enrollment flow could allow an attacker to subm... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-68541 Deserialization of Untrusted Data vulnerability in BoldThemes Ippsum ippsum allows Object Injection.This issue affects Ippsum: from n/a through <= 1.2.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37075 LanSend 3.2 contains a buffer overflow vulnerability in the Add Computers Wizard file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious paylo... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23883 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it aga... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-0794 ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11242 Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: th... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24306 Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-1774 CASL Ability, versions 2.4.0 through 6.7.4, contains a prototype pollution vulnerability. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47753 phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary code by bypassing file extension checks. Attackers can upload a PHP file ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2095 Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69270 Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Session Hijacking.This issue affects DX NetOps Spectrum: 24.3.8 and earl... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22365 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleng soleng allows PHP Local File Inclusion.This issue affects So... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20216 FLIR Thermal Camera PT-Series firmware version 8.0.0.64 contains multiple unauthenticated remote command injection vulnerabilities in the controllerFlirSystem.php script. Attackers can execute arbitra... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21531 Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25268 NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit i... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-15018 The Optional Email plugin for WordPress is vulnerable to Privilege Escalation via Account Takeover in all versions up to, and including, 1.3.11. This is due to the plugin not restricting its 'random_p... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-47552 Deserialization of Untrusted Data vulnerability in Digital zoom studio DZS Video Gallery allows Object Injection.This issue affects DZS Video Gallery: from n/a through 12.37. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25938 FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. From 1.2.8 through 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to execut... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2096 Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23519 RustCrypto CMOV provides conditional move CPU intrinsics which are guaranteed on major platforms to execute in constant-time and not be rewritten as branches by the compiler. Prior to 0.4.4, the thumb... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67079 File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22034 Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with t... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27727 mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remote `factoryClassLocation` values, by whi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25893 FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to gain administrat... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14502 The News and Blog Designer Bundle plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1 via the template parameter. This makes it possible for unauthenti... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25141 Orval generates type-safe JS clients (TypeScript) from any valid OpenAPI v3 or Swagger v2 specification. Versions starting with 7.19.0 and prior to 7.21.0 and 8.2.0 have an incomplete fix for CVE-2026... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47748 Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the run... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23534 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates al... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-54330 Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets.... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23533 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residu... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25894 FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25282 V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect vulnerability in the script that allows attackers to manipulate the 'parent' GET parameter. Attackers can craft malicious links that redire... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70457 A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file con... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37000 Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leve... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-61506 An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36997 BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler (SEH) chain through malicious file import. Attackers can craft a specially ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2805 Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25814 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are passed directly into DynamoDB query/filter construction without v... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25296 The WP Cost Estimation plugin for WordPress is vulnerable to arbitrary file uploads and deletion due to missing file type validation in the lfb_upload_form and lfb_removeFile AJAX actions in versions ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47851 Mini Mouse 9.2.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary commands through an unauthenticated HTTP endpoint. Attackers can leverage the /op=command end... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-60534 Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application with... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25875 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts client-controlled JWT claims (role and scope) without enforc... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69079 Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store musicplace allows Object Injection.This issue affects Sound | Musical Instruments Online Store: fro... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.