Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-40665 Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases throughΒ ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.a... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-40666 Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases throughΒ ArbolID parameter in/GIMWeb/PC/frmPreventivosList.as... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35156 Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-43301 Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any siz... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-55835 File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-23303 The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an inco... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-23304 The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-43300 Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size ... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-22669 Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-48938 go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterpr... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-4340 Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file | 9.8 | CRITICAL | β | 0 |
| CVE-2023-4341 Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI | 9.8 | CRITICAL | β | 0 |
| CVE-2021-43303 Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overfl... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-7017 Sciener locks' firmware update mechanism do not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock wi... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34974 D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the Ping_addr function. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-0839 Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-4342 Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy | 9.8 | CRITICAL | β | 0 |
| CVE-2025-40795 A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions), User Management Component (UMC) (All versions < V2... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34835 In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md f... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-0547 OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an exter... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-48877 Discourse is an open-source discussion platform. Prior to version 3.4.4 of the `stable` branch, version 3.5.0.beta5 of the `beta` branch, and version 3.5.0.beta6-dev of the `tests-passed` branch, Code... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29081 Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction.... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30230 A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.6.6). The affected application does not require authenticated access for privileged functions. This could allow an un... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-36890 Elevation of Privilege | 9.8 | CRITICAL | β | 0 |
| CVE-2022-31031 PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and includ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-30767 nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6519 E3 Site Supervisor (firmware version < 2.31F01) has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-52549 E3 Site Supervisor Control (firmware version < 2.31F01) generates the root linux password on each boot. An attacker can generate the root linux password for a vulnerable device based on known or easy ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29246 Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. Prior to version 6.1.11, he USBX DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwri... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29021 A buffer overflow vulnerability exists in the razerkbd driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29023 A buffer overflow vulnerability exists in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a craft... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-39453 A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can delive... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-35002 A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can pr... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-32653 An out-of-bounds write vulnerability exists in the dcm_pixel_data_decode functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. A victim wou... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-28815 Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may exploit this to gain platform privileges an... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11533 The WP Freeio plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.21. This is due to the process_register() function not restricting what user roles a ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6553 The Ovatheme Events Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_checkout() function in all versions up to, and including, 1.... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6439 The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file deletion due to insufficient file path valid... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-30922 SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code via the where Clause in Award Document Rendering. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-40890 A stack-based buffer overflow vulnerability exists in the lookup_sequence function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To tr... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-40889 A heap-based buffer overflow exists in the qr_reader_match_centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger t... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6919 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cats Information Technology Software Development Technologies Aykome License Tracking System allow... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-61045 TOTOLINK X18 V9.1.0cu.2053_B20230309 was discovered to contain a command injection vulnerability via the mac parameter in the setEasyMeshAgentCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-61044 TOTOLINK X18 V9.1.0cu.2053_B20230309 was discovered to contain a command injection vulnerability via the agentName parameter in the setEasyMeshAgentCfg function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-40267 GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27258 Ericsson Network Manager (ENM) versions prior to ENM 25.1 GA contain a vulnerability, if exploited, can result in an escalation of privilege. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-4325 Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46295 Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted mal... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46294 Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted mal... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-46293 Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted mal... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.