Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2017-18793 NETGEAR R7800 devices before 1.0.2.36 are affected by command injection. | 6.7 | MEDIUM | β | 0 |
| CVE-2017-18794 Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7... | 8.4 | HIGH | β | 0 |
| CVE-2017-18795 Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.28 and D6100 before 1.0.0.50_0.0.50. | 6.7 | MEDIUM | β | 0 |
| CVE-2017-18796 Certain NETGEAR devices are affected by command injection. This affects R6400 before 1.0.1.24, R6700 before 1.0.1.26, R6900 before 1.0.1.28, R7000 before 1.0.9.10, R7000P before 1.0.1.16, R6900P befor... | 6.7 | MEDIUM | β | 0 |
| CVE-2017-18797 Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects R6400 before 1.0.1.24, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100. | 6.2 | MEDIUM | β | 0 |
| CVE-2017-18798 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, D7000 before 1.0.1.50, and D1500 before 1.0.0.25. | 6.2 | MEDIUM | β | 0 |
| CVE-2017-18799 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 b... | 7.5 | HIGH | β | 0 |
| CVE-2017-18800 Certain NETGEAR devices are affected by reflected XSS. This affects R6700v2 before 1.1.0.42 and R6800 before 1.1.0.42. | 6.1 | MEDIUM | β | 0 |
| CVE-2017-18801 Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.50, R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, WNDR3700v5 before 1.1.0.48, and D7000 before 1.0.1.50. | 6.7 | MEDIUM | β | 0 |
| CVE-2019-17525 The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. | 8.8 | HIGH | β | 0 |
| CVE-2019-4327 "HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." | 7.5 | HIGH | β | 0 |
| CVE-2020-10569 SysAid On-Premise 20.1.11, by default, allows the AJP protocol port, which is vulnerable to a GhostCat attack. Additionally, it allows unauthenticated access to upload files, which can be used to exec... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11008 Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q)... | 4.0 | MEDIUM | β | 0 |
| CVE-2020-5301 SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in `SimpleSAML\Module` that processes requests for pages hosted by modules, has code to iden... | 3.0 | LOW | β | 0 |
| CVE-2018-21140 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76. | 6.5 | MEDIUM | β | 0 |
| CVE-2018-21141 Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 b... | 4.5 | MEDIUM | β | 0 |
| CVE-2018-21143 NETGEAR GS810EMX devices before 1.0.0.5 are affected by disclosure of sensitive information. | 6.5 | MEDIUM | β | 0 |
| CVE-2018-21145 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122... | 6.8 | MEDIUM | β | 0 |
| CVE-2018-21146 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 ... | 6.8 | MEDIUM | β | 0 |
| CVE-2018-21147 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.1... | 6.8 | MEDIUM | β | 0 |
| CVE-2018-21148 Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.34, DM200 before 1.0.0.50, R6100 before 1.0.1.22, R7500 before 1.0.0.122... | 6.8 | MEDIUM | β | 0 |
| CVE-2020-12051 The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In othe... | 7.5 | HIGH | β | 0 |
| CVE-2020-11693 JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue. | 7.5 | HIGH | β | 0 |
| CVE-2019-20102 The attachment-uploading feature in Atlassian Confluence Server from version 6.14.0 through version 6.14.3, and version 6.15.0 before version 6.15.5 allows remote attackers to achieve stored cross-sit... | 6.1 | MEDIUM | β | 0 |
| CVE-2020-12059 An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception. | 7.5 | HIGH | β | 0 |
| CVE-2017-18788 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, D6200 before 1.1.00.24, D6220 befo... | 6.7 | MEDIUM | β | 0 |
| CVE-2017-18789 Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6250 before V1.0.4.8, R6400 before V1.0.1.22, R6400v2 before V1.0.2.32, R7100LG before V1.0.0.32, R7300 befor... | 5.5 | MEDIUM | β | 0 |
| CVE-2020-11416 JetBrains Space through 2020-04-22 allows stored XSS in Chats. | 5.4 | MEDIUM | β | 0 |
| CVE-2020-11795 In JetBrains Space through 2020-04-22, the session timeout period was configured improperly. | 7.5 | HIGH | β | 0 |
| CVE-2025-47489 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in markkinchin Beds24 Online Booking beds24-online-booking allows Stored XSS.This issue affects Beds2... | N/A | NONE | β | 0 |
| CVE-2020-11539 An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that the smart band has no pairing (mode 0 Bluetooth LE security level) The data being transmitted over the ai... | 8.1 | HIGH | β | 0 |
| CVE-2020-11685 In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS. | 7.5 | HIGH | β | 0 |
| CVE-2020-11686 In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings. | 2.7 | LOW | β | 0 |
| CVE-2020-11687 In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages. | 7.5 | HIGH | β | 0 |
| CVE-2020-11688 In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session. | 7.5 | HIGH | β | 0 |
| CVE-2020-11689 In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file. | 6.5 | MEDIUM | β | 0 |
| CVE-2020-11690 In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-11691 In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible. | 7.5 | HIGH | β | 0 |
| CVE-2020-11692 In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators. | 2.7 | LOW | β | 0 |
| CVE-2020-11938 In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2. | 4.9 | MEDIUM | β | 0 |
| CVE-2017-18769 Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.40, D6400 before 1.0.0.74, D7000 before 1.0.1.60, D7800 before 1.0.1.34, D8500 be... | 4.6 | MEDIUM | β | 0 |
| CVE-2017-18770 Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7800 before 1.0.2.36, PLW1000v2 before 1.0.0.14, and PLW1010v2 before 1.0.0.14. | 6.8 | MEDIUM | β | 0 |
| CVE-2017-18772 Certain NETGEAR devices are affected by authentication bypass. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R67... | 8.8 | HIGH | β | 0 |
| CVE-2017-18773 Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D6100 before V1.0.0.55, D7800 before V1.0.1.24, EX6150v2 before 1.0.0.48, R6100 before 1.0.1.14, R7500 ... | 6.7 | MEDIUM | β | 0 |
| CVE-2017-18775 Certain NETGEAR devices are affected by CSRF. This affects R6100 before 1.0.1.12, R7500 before 1.0.0.108, WNDR3700v4 before 1.0.2.86, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48, WNDR4500v3... | 8.8 | HIGH | β | 0 |
| CVE-2017-18776 Certain NETGEAR devices are affected by authentication bypass. This affects D6100 before V1.0.0.55, D7000 before V1.0.1.50, D7800 before V1.0.1.24, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.4... | 8.4 | HIGH | β | 0 |
| CVE-2017-18777 Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 b... | 7.8 | HIGH | β | 0 |
| CVE-2017-18778 Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D6220 before 1.0.0.28, D6400 before 1.0.0.60, D7000 before 1.0.1.52, D7000v2 before 1.0.0.38, D7800 b... | 5.5 | MEDIUM | β | 0 |
| CVE-2017-18779 Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR... | 7.8 | HIGH | β | 0 |
| CVE-2017-18784 Certain NETGEAR devices are affected by XSS. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0... | 6.1 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.