Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-69991 phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25787 An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65099 Claude Code is an agentic coding tool. Prior to version 1.0.39, when running on a machine with Yarn 3.0 or above, Claude Code could have been tricked to execute code contained in a project via yarn pl... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-50591 Advantech iView versions prior to v5.7.04 build 6425Β contain a vulnerability within the SNMP management toolΒ that allows for remote attackers to bypass authentication checks and reach a SQL injection ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-68932 FreshRSS is a free, self-hostable RSS aggregator. Prior to version 1.28.0, FreshRSS uses cryptographically weak random number generators (mt_rand() and uniqid()) to generate remember-me authentication... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-33318 Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubish... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-29288 An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable. | 9.8 | CRITICAL | β | 0 |
| CVE-2022-1000 Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-24863 The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before using it in a SQL statem... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-0107 An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclos... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-50401 Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter password. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-50398 Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter fac_password. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-62864 Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that c... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53899 PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Attackers can manipulate the 'shortdesc' parameter to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-53895 PimpMyLog 1.7.14 contains an improper access control vulnerability that allows remote attackers to create admin accounts without authorization through the configuration endpoint. Attackers can exploit... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-65834 Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9932 The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11456 The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the eh_crm_new_ticket_post() function in all... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-59245 Microsoft SharePoint Online Elevation of Privilege Vulnerability | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67895 Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow Providers Edge3: before 2.0.0 - and only if you installed and configured it on Airflow 2. The Edge3 provider support in Airflow... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67165 An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46295 Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators co... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67073 A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36061 EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67793 An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 through 24.2.*, and 25.1 before 25.1.6. Users with the "Manage roles and permissions" privilege can promote themselves or other DOC users... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10924 The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27918 An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has ... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-0359 diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive. | 9.8 | CRITICAL | β | 0 |
| CVE-2017-14478 In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command ... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-9019 SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php, /accountancy/... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9924 The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote attackers still can download arbitrary system files, which may b... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-7228 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and get... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-7658 In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the ... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-7229 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and gai... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-47167 Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Request Forgery (SSRF)** in the `/queue/join` endpoint. Gradioβs `async_save_url_to_... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-7750 transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 do... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-7232 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta ch... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-8871 In Delta Electronics Automation TPEditor version 1.89 or prior, parsing a malformed program file may cause heap-based buffer overflow vulnerability, which may allow remote code execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2018-7233 A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta ch... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-46088 An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary... | 9.8 | CRITICAL | β | 0 |
| CVE-2016-8717 An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged (ro... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-18342 In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced fo... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-1000533 klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This atta... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9234 The GutenKit β Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and... | 9.8 | CRITICAL | β | 0 |
| CVE-2017-14474 In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting i... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-46532 SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-42640 angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the s... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-11743 The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and applic... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-1000544 rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be e... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9518 The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 2.0 due to insufficient restriction on the 'form_actions' and 'userplus_update_user_profile' f... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.