Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2021-42099 Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-46394 There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v13 variable is directly retrieved from the http request parameter startIp. Th... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29525 Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated attacker to log in with the root privilege and perform an arbitrary operation. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-28769 The buffer overflow vulnerability in the library βlibclinkc.soβ of the web server βzhttpdβ in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker t... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-2704 The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.5. This is due to insufficient verification on the user being supplied during a Fa... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-37704 Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-37372 A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote attackers to execu... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26505 Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-3265 An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30105 In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible before and after configuring the device, exhibits multiple remote command injection vulnerabilities. The... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-37170 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-37171 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30599 A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26432 Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability | 9.8 | CRITICAL | β | 0 |
| CVE-2021-41679 A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the /opensis/modules/grades... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-37172 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24704 The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bou... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-23992 XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-28945 An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted ZIP file. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-38457 The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-46463 njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then(). | 9.8 | CRITICAL | β | 0 |
| CVE-2021-0276 A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-41755 dynamicMarkt <= 3.10 is affected by SQL injection in the kat1 parameter of index.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-37173 TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-42377 An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29516 The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, I... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-23902 Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-39392 The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.confi... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-1795 Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24206 Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-31788 IdeaLMS 2022 allows SQL injection via the IdeaLMS/ChatRoom/ClassAccessControl/6?isBigBlueButton=0&ClassID= pathname. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-43202 In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-25403 HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-21125 An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-21124 UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30600 A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-33002 The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-21121 Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-45005 Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-37592 Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-28956 An issue in the getcfg.php component of D-Link DIR816L_FW206b01 allows attackers to access the device via a crafted payload. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-44530 An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-1357 The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32563 An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sy... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-35368 OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30052 In Home Clean Service System 1.0, the password parameter is vulnerable to SQL injection attacks. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-41756 dynamicMarkt <= 3.10 is affected by SQL injection in the kat parameter of index.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29644 TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a hard coded password for the telnet service stored in the component /web_cste/cgi-bin/product.ini. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-37760 A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID). | 9.8 | CRITICAL | β | 0 |
| CVE-2022-23336 S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.