Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2015-4627 SQL injection vulnerability in Pragyan CMS 3.0. | N/A | NONE | β | 0 |
| CVE-2015-4629 Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration information, enable PIN/PUK authentication, and perform other unspecified actions. | N/A | NONE | β | 0 |
| CVE-2015-4697 Cross-site request forgery (CSRF) vulnerability in Google Analyticator Wordpress Plugin before 6.4.9.3 rev @1183563. | N/A | NONE | β | 0 |
| CVE-2015-4721 Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1. | N/A | NONE | β | 0 |
| CVE-2015-7672 Cross-site scripting (XSS) vulnerability in Centreon 2.6.1 (fixed in Centreon 18.10.0 and Centreon web 2.8.27). | N/A | NONE | β | 0 |
| CVE-2015-8079 qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db. | 5.3 | MEDIUM | β | 0 |
| CVE-2017-12211 A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of t... | N/A | NONE | β | 0 |
| CVE-2017-12212 A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interf... | N/A | NONE | β | 0 |
| CVE-2017-0771 A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37624243. | N/A | NONE | β | 0 |
| CVE-2017-12213 A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dyna... | N/A | NONE | β | 0 |
| CVE-2017-12216 A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vul... | N/A | NONE | β | 0 |
| CVE-2017-12217 A vulnerability in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler of Cisco ASR 5500 System Architecture Evolution (SAE) Gateways could allow an unauthenticated, remo... | N/A | NONE | β | 0 |
| CVE-2017-12218 A vulnerability in the malware detection functionality within Advanced Malware Protection (AMP) of Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated, rem... | N/A | NONE | β | 0 |
| CVE-2017-12220 A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack agai... | N/A | NONE | β | 0 |
| CVE-2017-12221 A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interfa... | N/A | NONE | β | 0 |
| CVE-2017-12223 A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device ... | N/A | NONE | β | 0 |
| CVE-2017-12224 A vulnerability in the ability for guest users to join meetings via a hyperlink with Cisco Meeting Server could allow an authenticated, remote attacker to enter a meeting with a hyperlink URL, even th... | N/A | NONE | β | 0 |
| CVE-2017-0790 A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37357704. References: B-V2017053101. | N/A | NONE | β | 0 |
| CVE-2017-12225 A vulnerability in the web functionality of the Cisco Prime LAN Management Solution could allow an authenticated, remote attacker to hijack another user's administrative session, aka a Session Fixatio... | N/A | NONE | β | 0 |
| CVE-2017-12227 A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure... | N/A | NONE | β | 0 |
| CVE-2017-6631 A vulnerability in the HTTP remote procedure call (RPC) service of set-top box (STB) receivers manufactured by Cisco for Yes could allow an unauthenticated, remote attacker to cause a denial of servic... | N/A | NONE | β | 0 |
| CVE-2017-6780 A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventuall... | N/A | NONE | β | 0 |
| CVE-2017-0791 A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37306719. References: B-V2017052302. | N/A | NONE | β | 0 |
| CVE-2017-6789 A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-... | N/A | NONE | β | 0 |
| CVE-2017-6791 A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affec... | N/A | NONE | β | 0 |
| CVE-2017-6792 A vulnerability in the batch provisioning feature in Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to overwrite system files as root. The vulnerability is d... | N/A | NONE | β | 0 |
| CVE-2017-6793 A vulnerability in the Inventory Management feature of Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to view sensitive information on the system. The vulner... | N/A | NONE | β | 0 |
| CVE-2017-6794 A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker mu... | N/A | NONE | β | 0 |
| CVE-2017-6795 A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on... | N/A | NONE | β | 0 |
| CVE-2017-6796 A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary... | N/A | NONE | β | 0 |
| CVE-2017-14219 XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSur... | N/A | NONE | β | 0 |
| CVE-2017-11611 Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "cre... | N/A | NONE | β | 0 |
| CVE-2017-9095 XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import. | 5.5 | MEDIUM | β | 0 |
| CVE-2017-11161 Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; ... | N/A | NONE | β | 0 |
| CVE-2016-5759 The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. | N/A | NONE | β | 0 |
| CVE-2017-14167 Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header addre... | 8.8 | HIGH | β | 0 |
| CVE-2017-12146 The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a stor... | 7.0 | HIGH | β | 0 |
| CVE-2017-0752 A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835. | N/A | NONE | β | 0 |
| CVE-2017-0753 A remote code execution vulnerability in the Android libraries (libgdx). Product: Android. Versions: 7.1.1, 7.1.2, 8.0. Android ID: A-62218744. | N/A | NONE | β | 0 |
| CVE-2017-0755 A elevation of privilege vulnerability in the Android libraries (libminikin). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-32178311. | N/A | NONE | β | 0 |
| CVE-2017-0756 A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34621073. | N/A | NONE | β | 0 |
| CVE-2017-0757 A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815. | N/A | NONE | β | 0 |
| CVE-2017-0758 A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36492741. | N/A | NONE | β | 0 |
| CVE-2017-0784 A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958. | N/A | NONE | β | 0 |
| CVE-2017-0759 A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36715268. | N/A | NONE | β | 0 |
| CVE-2017-0760 A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237396. | N/A | NONE | β | 0 |
| CVE-2017-0761 A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-38448381. | N/A | NONE | β | 0 |
| CVE-2017-0762 A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62214264. | N/A | NONE | β | 0 |
| CVE-2017-0763 A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62534693. | N/A | NONE | β | 0 |
| CVE-2017-0765 A remote code execution vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62872863. | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.