Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-58998 Deserialization of Untrusted Data vulnerability in CristiΓ‘n LΓ‘vaque s2Member s2member allows Object Injection.This issue affects s2Member: from n/a through <= 250701. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25763 crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead() in /system/SystemDatabackupServices.php | 9.8 | CRITICAL | β | 0 |
| CVE-2025-51743 An issue was discovered in jishenghua JSH_ERP 2.3.1. The /materialCategory/addMaterialCategory endpoint is vulnerable to fastjson deserialization attacks. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66256 Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66259 Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66261 Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows a... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-13542 The DesignThemes LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.4. This is due to the 'dtlms_register_user_front_end' function not restricting... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-32641 Masa CMS is an open source Enterprise Content Management platform. Masa CMS versions prior to 7.2.8, 7.3.13, and 7.4.6 are vulnerable to remote code execution. The vulnerability exists in the addParam... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-51742 An issue was discovered in jishenghua JSH_ERP 2.3.1. The /material/getMaterialEnableSerialNumberList endpoint passes the search query parameter directly to parseObject(), introducing a Fastjson deseri... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65294 Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 contain an undocumented remote access mechanism enabling unrestricted remote command execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-60854 A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trig... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-9792 The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTIMIZED_OUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory co... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65358 Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via the 'docid' parameter at /admin/appointment.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14330 JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-9788 Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of these bugs showed evidence of memory corruption and we presu... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66250 Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows a... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-60736 code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the upass parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66262 Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65820 An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can be spawned with the mobile application which opens a hidden page. This page, which is not available thr... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53740 Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-58386 In Terminalfour 8 through 8.4.1.1, the userLevel parameter in the user management function is not subject to proper server-side authorization checks. A Power User can intercept and modify this paramet... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-11733 When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-59695 Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66565 Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator (crypto/rand) fails, both functions silentl... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-13597 The AI Feeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.0.11. This makes it... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-59693 The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-64063 Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when processing requests. Specifically, a standard user can exploit this flaw by sending direct HTTP requests to... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65656 dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-61168 An issue in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66032 Claude Code is an agentic coding tool. Prior to 1.0.93, Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65085 A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.207 and prior that could allow an attacker to disclose informa... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-41013 SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, update, and delete databases by sending a GET request using the 'idmant' pa... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14326 Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146 and Thunderbird < 146. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14324 JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11788 Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters()' function, there is an unlimited user input that is copied to a fixed-size buffer ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65084 An Out-of-Bounds Write vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.207 and prior that could allow an attacker to disclose information o... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66208 Collabora Online - Built-in CODE Server (richdocumentscode) provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online h... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11786 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword()' function, the 'newPassword' parameter is directly embedded in a shell command string usin... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-63742 SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator acc... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11785 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords()' function, there is an unlimited user input that is copied to a fixed-size buffer via '... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11784 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase()' function, there is an unlimited user input that is copied to a fixed-size buffer via 's... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11783 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent()' function when copying the user-controlled username input to a fixed-s... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11782 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload()' function uses βsprintf()β to format a string that includes the user-controlled input of 'GetPar... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36897 QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated remote code execution vulnerability in the QH.aspx file that allows attackers to upload malicious ASPX scripts. Attackers can exploit... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-13486 The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Remote Code Execution in versions 0.9.0.5 through 0.9.1.1 via the prepare_form() function. This is due to the function accept... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36892 Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation vulnerability in the updateUser object that allows attackers to modify user roles. Attackers can exploit the... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-13595 The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.10.8. This makes ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11780 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport()' function, there is an unlimited user input that is copied to a fixed-size buffer via 'spr... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11779 Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11778 Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'read_packet()' function of the TACACSPLUS... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.