Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2021-27169 An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. There is a gepon password for the gepon account. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27170 An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-22274 JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27171 An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell (or tshell). | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27172 An issue was discovered on FiberHome HG6245D devices through RP2613. A hardcoded GEPON password for root is defined inside /etc/init.d/system-config.sh. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-28657 In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27177 An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-3284 A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-13576 A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HT... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27730 Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27804 JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-1289 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute a... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25309 The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation (together with the weak password po... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27886 rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, In... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3342 EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted LaTeX input to a cgi/latex2png?latex= URI. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27185 The samba-client package before 4.0.0 for Node.js allows command injection because of the use of process.exec. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26703 EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase URI. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-22652 Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing authentication, which may allow an unauthorized attacker to change the configuration and obtain code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26476 EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-22658 Advantech iView versions prior to v5.7.03.6112 are vulnerable to a SQL injection, which may allow an attacker to escalate privileges to 'Administrator'. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-28955 git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows). | 9.8 | CRITICAL | β | 0 |
| CVE-2020-13963 SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25689 An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker to remotely execute code. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-10196 A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. This could result in a Den... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27228 An issue was discovered in Shinobi through ocean version 1. lib/auth.js has Incorrect Access Control. Valid API Keys are held in an internal JS Object. Therefore an attacker can use JS Proto Method na... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-1909 A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code exe... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25833 A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arb... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25832 A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remot... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-24640 There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation c... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-28340 An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29016 A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29015 A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sendi... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-28834 Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25831 A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using t... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-28347 tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25830 A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Us... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27132 SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3197 An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API re... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-24384 A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACOS... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-3148 An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-20658 SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25283 An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-22276 WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-25281 An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the maste... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-2300 Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configura... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25022 An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by creating an election-event and injecting a payload over an event alias, because the application calls Runt... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27198 An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-28794 The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-28035 An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a drop of uninitialized memory can occur upon a val.clone() panic. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26904 LMA ISIDA Retriever 5.2 allows SQL Injection. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.