Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-59786 2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70236 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70237 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26478 A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code a... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3549 Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28474 OpenClaw's Nextcloud Talk plugin versions prior to 2026.2.6 accept equality matching on the mutable actor.name display name field for allowlist validation, allowing attackers to bypass DM and room all... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3849 Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cau... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70239 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard55. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23813 A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70234 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28785 Ghostfolio is an open source wealth management software. Prior to version 2.244.0, by bypassing symbol validation, an attacker can execute arbitrary SQL commands via the getHistorical() method, potent... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30871 OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parse_question ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32985 Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary co... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27389 Authentication Bypass Using an Alternate Path or Channel vulnerability in designthemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Authentication Abuse.This issue af... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31871 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.5 and 8.6.31, a SQL injection vulnerability exists in the PostgreSQL storag... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28229 Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11, Workflow templates endpoints allow any client to retrieve Wo... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32746 telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-4254 A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulatio... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31840 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.2 and 8.6.28, an attacker can use a dot-notation field name in combination ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23767 ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinatio... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32512 Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through < 1.10. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31856 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30694 An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arbitrary code via the array_filter component | 9.8 | CRITICAL | β | 0 |
| CVE-2018-25159 Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL) injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting m... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-0110 In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User int... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-54001 Deserialization of Untrusted Data vulnerability in ThemeREX Classter classter allows Object Injection.This issue affects Classter: from n/a through <= 2.5. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70082 An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker to execute arbitrary code and obtain sensitive information via the ltrx_evo component | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27944 Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt t... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28443 OpenReplay is a self-hosted session replay suite. Prior to version 1.20.0, the POST /{projectId}/cards/search endpoint has a SQL injection in the sort.field parameter. This issue has been patched in v... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-0953 The Tutor LMS Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.9.5 via the Social Login addon. This is due to the plugin failing to verify that t... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28514 Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerabi... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67041 An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The host parameter of the TFTP client in the Filesystem Browser page is not properly sanitized. This can be exploited to escape from the origi... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22897 A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerabili... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28391 OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests (non-default configuration), allowing attackers to bypass command approval... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21622 Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Accounts.PasswordReset' module) allows Account Takeover. Password reset tokens generated via the "Reset your password... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67114 Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive va... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3826 IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70233 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70218 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70220 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70240 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard51. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerability | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70024 An issue pertaining to CWE-89: Improper Neutralization of Special Elements used in an SQL Command was discovered in benkeen generatedata 4.0.14. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67035 An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An at... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28501 WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70232 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31877 Frappe is a full-stack web application framework. Prior to 15.84.0 and 14.99.0, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract in... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25468 NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the script_test.... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-30741 A remote code execution (RCE) vulnerability in OpenClaw Agent Platform v2026.2.6 allows attackers to execute arbitrary code via a Request-Side prompt injection attack. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.