Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2017-18025 cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-43698 Kieback & Peter's DDC4000 seriesΒ uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-48779 An issue in Wanxing Technology's Yitu project Management Software 3.2.2 allows a remote attacker to execute arbitrary code via the platformpluginpath parameter to specify that the qt plugin loads the ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40125 An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the up... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-46957 Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-21216 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerabilit... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9105 The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.8.3. This is due to insufficient verification on the user being supplied in the 'ultimate... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-48781 An issue in Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 allows a remote attacker to execute arbitrary code via a specially constructed so file/opt/EdrawProj-2/plugins/imageformat. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-45410 Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the requ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9234 The GutenKit β Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-46983 sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous clas... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-45746 An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled) mailbox messages contain a pointer to a list of input arguments (in_vec) and output arguments (out_vec). The... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-1000497 Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution | 9.8 | CRITICAL | β | 0 |
| CVE-2024-25825 FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114 were discovered to be configured with the root password saved as a wildcard. This allows attackers to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9518 The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0 due to insufficient restriction on the 'form_actions' and 'userplus_update_user_profile' f... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-48257 Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin. | 9.8 | CRITICAL | β | 0 |
| CVE-2013-3317 Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-8772 The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-5531 Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digits of serial number 211... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-1599 A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-110... | 9.8 | CRITICAL | β | 0 |
| CVE-2012-6451 Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7245 Incorrect username validation in the registration process of CTFd v2.0.0 - v2.2.2 allows an attacker to take over an arbitrary account if the username is known and emails are enabled on the CTFd insta... | 9.8 | CRITICAL | β | 0 |
| CVE-2014-9390 Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; m... | 9.8 | CRITICAL | β | 0 |
| CVE-2014-2595 Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string. | 9.8 | CRITICAL | β | 0 |
| CVE-2014-0234 The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing th... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-17570 An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RP... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-8443 In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msg... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-8444 In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of ossec-alert formatted msgs (received from au... | 9.8 | CRITICAL | β | 0 |
| CVE-2012-6649 WordPress WP GPX Maps Plugin 1.1.21 allows remote attackers to execute arbitrary PHP code via improper file upload. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7941 A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission. | 9.8 | CRITICAL | β | 0 |
| CVE-2013-1360 An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and Vie... | 9.8 | CRITICAL | β | 0 |
| CVE-2014-5007 Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remo... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-8445 In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages. In many cases, those characte... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-0803 A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malicious user execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2014-8089 SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands ... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-1359 An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and Vie... | 9.8 | CRITICAL | β | 0 |
| CVE-2015-5334 Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (program crash) or possible execute arbitrary code via a crafted X.509 certif... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-1592 A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in ... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-3323 A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session,... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7233 KMS Controls BAC-A1616BC BACnet devices have a cleartext password of snowman in the BACKDOOR_NAME variable in the BC_Logon.swf file. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-16517 An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a CORS misconfiguration, which reflected the Origin provided by incoming requests. This allow... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-2057 YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability | 9.8 | CRITICAL | β | 0 |
| CVE-2014-2025 Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attacker... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-8447 In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from authe... | 9.8 | CRITICAL | β | 0 |
| CVE-2013-3684 NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload | 9.8 | CRITICAL | β | 0 |
| CVE-2014-8322 Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-8518 Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-7450 In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r357214, and 11.3-RELEASE before 11.3-RELEASE-p6, URL handling in l... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-19897 In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT A... | 9.8 | CRITICAL | β | 0 |
| CVE-2014-9753 confirm.php in ATutor 2.2 and earlier allows remote attackers to bypass authentication and gain access as an existing user via the auto_login parameter. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.