Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-30902 Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | 7.8 | HIGH | β | 0 |
| CVE-2026-29069 Craft is a content management system (CMS). Prior to 5.9.0-beta.2 and 4.17.0-beta.2, the actionSendActivationEmail() endpoint is accessible to unauthenticated users and does not require a permission c... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-3520 Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.1 allows an attacker to trigger a Denial of Service (DoS) by sending malformed request... | 7.5 | HIGH | β | 0 |
| CVE-2019-25498 Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the landing_location parameter. Attackers c... | 8.2 | HIGH | β | 0 |
| CVE-2019-25499 Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the job_id parameter. Attackers can send PO... | 8.2 | HIGH | β | 0 |
| CVE-2019-25500 Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the employerid parameter. Attackers can sen... | 8.2 | HIGH | β | 0 |
| CVE-2019-25501 Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the app_id parameter. Attackers can send POST req... | 8.2 | HIGH | β | 0 |
| CVE-2025-69340 Missing Authorization vulnerability in BuddhaThemes WeDesignTech Ultimate Booking Addon wedesigntech-ultimate-booking-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This... | 7.5 | HIGH | β | 0 |
| CVE-2019-25502 Simple Job Script contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the job_type_value parameter in the jobs endpoint. Att... | 6.1 | MEDIUM | β | 0 |
| CVE-2019-25503 PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. Atta... | 7.1 | HIGH | β | 0 |
| CVE-2019-25504 NCrypted Jobgator contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the experience parameter. Attackers can sen... | 8.2 | HIGH | β | 0 |
| CVE-2019-25505 Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requ... | 7.1 | HIGH | β | 0 |
| CVE-2019-25506 FreeSMS 2.1.2 contains a boolean-based blind SQL injection vulnerability in the password parameter that allows unauthenticated attackers to bypass authentication by injecting SQL code through the logi... | 8.2 | HIGH | β | 0 |
| CVE-2019-25507 Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers ... | 8.2 | HIGH | β | 0 |
| CVE-2025-70218 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70220 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20001 A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inade... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-20002 A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnera... | 8.1 | HIGH | β | 0 |
| CVE-2026-20003 A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inade... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-20006 A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause th... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20007 A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Snort rule... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20008 A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow ... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-20009 A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated,... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-20013 A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device ... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20014 A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS co... | 7.7 | HIGH | β | 0 |
| CVE-2026-20015 A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device ... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20017 A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerabi... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-20018 A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote att... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-20031 A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vu... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-20039 A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote... | 8.6 | HIGH | β | 0 |
| CVE-2026-20044 A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, local attacker to perform arbitrary commands as root. This vulnerab... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-20049 A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and C... | 7.7 | HIGH | β | 0 |
| CVE-2026-20050 A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a ... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-20052 A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the S... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20053 Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerab... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20054 Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vu... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20057 Multiple Cisco products are affected by a vulnerability in the Snort 3 Visual Basic for Applications (VBA) feature which could allow an unauthenticated, remote attacker to cause the Snort 3 Detection ... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20058 Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnera... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20064 A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) con... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-20062 A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in o... | 7.2 | HIGH | β | 0 |
| CVE-2026-20063 A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerabi... | 6.0 | MEDIUM | β | 0 |
| CVE-2026-20065 Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20066 Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20067 Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20068 Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20069 A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthentic... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-20070 A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthentic... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-20073 A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traf... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-20079 A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an a... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-22457 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue ... | 8.1 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.