Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-34571 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, a Stored Cross-Site Scripting (... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-60306 code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-55187 In DriveLock 24.1.4 before 24.1.5, 24.2.5 before 24.2.6, and 25.1.2 before 25.1.4, attackers can gain elevated privileges. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-61913 Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowin... | 9.9 | CRITICAL | — | 0 |
| CVE-2024-55662 XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where `Extension Repository Application` is installed, any user ca... | 9.9 | CRITICAL | — | 0 |
| CVE-2022-2992 A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitH... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-2605 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse. This issue affects MB-Secure: from V11.04 before... | 9.9 | CRITICAL | — | 0 |
| CVE-2022-28802 Code by Zapier before 2022-08-17 allowed intra-account privilege escalation that included execution of Python or JavaScript code. In other words, Code by Zapier was providing a customer-controlled gen... | 9.9 | CRITICAL | — | 0 |
| CVE-2024-51478 YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic algorithm and a hard-coded salt to hash the password reset key allows it to be recovered and used to reset the ... | 9.9 | CRITICAL | — | 0 |
| CVE-2022-2884 A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Impo... | 9.9 | CRITICAL | — | 0 |
| CVE-2023-40714 A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to escalate privilege via uploading certain GUI elements | 9.9 | CRITICAL | — | 0 |
| CVE-2025-40585 A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker to gain control of G5DFR comp... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-34267 Flowise v3.0.1 < 3.0.8 and all versions after with 'ALLOW_BUILTIN_DEP' enabled contain an authenticated remote code execution vulnerability and node VM sandbox escape due to insecure use of integrated... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-44961 In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-62645 The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token with administrative privileges for the entire platform via the ... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-58428 The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute syste... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-54469 A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitisin... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-55315 Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-49708 Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-47699 Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make cri... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-44823 Nagios Log Server before 2024R1.3.2 allows authenticated users to retrieve cleartext administrative API keys via a /nagioslogserver/index.php/api/system/get_users call. This is GL:NLS#475. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-68554 Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Keenarch keenarch allows Using Malicious Files.This issue affects Keenarch: from n/a through < 2.0.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-27574 OneUptime is a solution for monitoring and managing online services. In versions 9.5.13 and below, custom JavaScript monitor feature uses Node.js's node:vm module (explicitly documented as not a secur... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-28363 In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free executio... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-27626 OliveTin gives access to predefined shell commands from a web interface. In versions up to and including 3000.10.0, OliveTin's shell mode safety check (`checkShellArgumentSafety`) blocks several dange... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-57795 Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remot... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-68555 Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Nutrie nutrie allows Upload a Web Shell to a Web Server.This issue affects Nutrie: from n/a through < 2.0.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-24960 Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Charety charety allows Using Malicious Files.This issue affects Charety: from n/a through < 2.0.2. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-30957 OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, OneUptime Synthetic Monitors allow a low-privileged authenticated project user to execute arbitrary commands on t... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-29789 Vito is a self-hosted web application that helps manage servers and deploy PHP applications into production servers. Prior to version 3.20.3, a missing authorization check in workflow site-creation ac... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-30956 OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, a low‑privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 and earlier by sending ... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-62878 A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended ... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-24841 Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions prior to 0.26.6, a critical command injection vulnerability exists in Dokploy's WebSocket endpoint `/docker-container-termina... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-24849 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, the `disposeDocument()` method in `EtherFaxActions.php` allows authenti... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-66956 Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote attackers to access and execute attachments via a computable URL. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32621 Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within th... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-28466 OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass e... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-68553 Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Lendiz lendiz allows Upload a Web Shell to a Web Server.This issue affects Lendiz: from n/a through < 2.0.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32731 ApostropheCMS is an open-source content management framework. Prior to version 3.5.3 of `@apostrophecms/import-export`, The `extract()` function in `gzip.js` constructs file-write paths using `fs.crea... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-26137 Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized attacker to elevate privileges over a network. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32536 Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a thro... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32523 Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through <= 6.9.2. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32922 OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrai... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-62016 Unrestricted Upload of File with Dangerous Type vulnerability in hogash KALLYAS kallyas.This issue affects KALLYAS: from n/a through <= 4.22.0. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-0987 Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection.This issue affects CVLand: from 2.1.0 through 20251103. NOTE: The vendor was con... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-62056 Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news-event.This issue affects News Event: from n/a through <= 1.0.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-22797 An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-68986 Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Miion miion allows Upload a Web Shell to a Web Server.This issue affects Miion: from n/a through <= 1.2.7. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-22907 An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data. | 9.9 | CRITICAL | — | 0 |
| CVE-2025-68909 Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic allows Using Malicious Files.This issue affects Blogistic: from n/a through <= 1.0.5. | 9.9 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.