Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2024-8584 Orca HCM from LEARNING DIGITAL has an Missing Authentication vulnerability, allowing unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-34877 An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the seri... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-36380 Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi. | 9.8 | CRITICAL | KEV | 0 |
| CVE-2018-25223 Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads wi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-29014 MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-25221 EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can se... | 9.8 | CRITICAL | β | 0 |
| CVE-2005-0496 Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-68263 In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipc_msg_send_request ipc_msg_send_request() waits for a generic netlink reply using an ipc_msg_t... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-59718 A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, Forti... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2002-2119 Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing. | 9.8 | CRITICAL | β | 0 |
| CVE-2004-2214 Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-56000 Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements k-elements allows Privilege Escalation.This issue affects K Elements: from n/a through < 5.4.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2005-0408 CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating th... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20093 A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypass authentication and gain access to the sys... | 9.8 | CRITICAL | β | 0 |
| CVE-2004-2154 CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-37927 Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through <= 4.7.5. | 9.8 | CRITICAL | β | 0 |
| CVE-2005-1141 Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi... | 9.8 | CRITICAL | β | 0 |
| CVE-2005-0199 Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a ... | 9.8 | CRITICAL | β | 0 |
| CVE-2005-0269 The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that incl... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-37924 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess->user = NULL was introduced to fix the dangling pointer created ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-38812 TheΒ vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol.Β A malicious actor with network access to vCenter Server may trigger this vulnerability by sendin... | 9.8 | CRITICAL | KEV | 0 |
| CVE-2024-40489 There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which allows attackers to execute arbitrary code on components through specially crafted HTTP ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-47646 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration psw-login-and-registration allows Password Recovery Exploitation.This i... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23112 In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU lengt... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67304 In Ruckus Network Director (RND) < 4.5.0.54, the OVA appliance contains hardcoded credentials for the ruckus PostgreSQL database user. In the default configuration, the PostgreSQL service is accessibl... | 9.8 | CRITICAL | β | 0 |
| CVE-2005-0102 Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20160 A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SS... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67305 In RUCKUS Network Director (RND) < 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network acc... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30643 An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2287 CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation. | 9.8 | CRITICAL | β | 0 |
| CVE-2002-0639 Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69405 Deserialization of Untrusted Data vulnerability in ThemeREX Lorem Ipsum | Books & Media Store lorem-ipsum-books-media-store allows Object Injection.This issue affects Lorem Ipsum | Books & Media Store... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-0558 A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and process files through the `/api/files/extract-text` endpoint. This endpoint does not e... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69404 Deserialization of Untrusted Data vulnerability in ThemeREX Extreme Store extremestore allows Object Injection.This issue affects Extreme Store: from n/a through <= 1.5.10. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69101 Authentication Bypass Using an Alternate Path or Channel vulnerability in AmentoTech Workreap Core workreap_core allows Authentication Abuse.This issue affects Workreap Core: from n/a through <= 3.4.1... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-68869 Incorrect Privilege Assignment vulnerability in LazyCoders LLC LazyTasks lazytasks-project-task-management allows Privilege Escalation.This issue affects LazyTasks: from n/a through <= 1.2.37. | 9.8 | CRITICAL | β | 0 |
| CVE-2002-1820 register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a capital "A," but allows a remote attacker to impersonate the administrator by registering an account n... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33640 Outline is a service that allows for collaborative documentation. Outline implements an Email OTP login flow for users not associated with an Identity Provider. Starting in version 0.86.0 and prior to... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32987 OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification in src/infra/device-bootstrap.ts. Attackers can verify a valid bootstrap code multiple times be... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-60214 Deserialization of Untrusted Data vulnerability in BoldThemes Goldenblatt goldenblatt allows Object Injection.This issue affects Goldenblatt: from n/a through < 1.3.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-60216 Deserialization of Untrusted Data vulnerability in BoldThemes Addison addison allows Object Injection.This issue affects Addison: from n/a through < 1.4.8. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3300 The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's process_fi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20998 Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4851 GRID::Machine versions through 0.127 for Perl allows arbitrary code execution via unsafe deserialization. GRID::Machine provides Remote Procedure Calls (RPC) over SSH for Perl. The client connects to... | 9.8 | CRITICAL | β | 0 |
| CVE-2002-1347 Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonical... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2286 CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27697 baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3. | 9.8 | CRITICAL | β | 0 |
| CVE-2002-0391 Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30457 An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-20225 TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.