Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2023-41816 An improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database.Β | 5.0 | MEDIUM | β | 0 |
| CVE-2024-4097 The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SVG upload feature in all versions up to, and including, 3.1.67 due to insufficient input sanitiza... | 7.2 | HIGH | β | 0 |
| CVE-2023-42089 Foxit PDF Reader templates Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Read... | 7.8 | HIGH | β | 0 |
| CVE-2023-42090 Foxit PDF Reader XFA Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit... | 7.1 | HIGH | β | 0 |
| CVE-2023-42091 Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. ... | 7.8 | HIGH | β | 0 |
| CVE-2023-42092 Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User... | 7.8 | HIGH | β | 0 |
| CVE-2023-42093 Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Rea... | 3.3 | LOW | β | 0 |
| CVE-2023-42094 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User... | 7.8 | HIGH | β | 0 |
| CVE-2023-42095 Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF R... | 3.3 | LOW | β | 0 |
| CVE-2023-42096 Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader... | 7.8 | HIGH | β | 0 |
| CVE-2023-42097 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User... | 7.8 | HIGH | β | 0 |
| CVE-2023-51613 D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affec... | 8.0 | HIGH | β | 0 |
| CVE-2023-51614 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code o... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51615 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on aff... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-41817 An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information. | 2.8 | LOW | β | 0 |
| CVE-2023-51616 D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51617 D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected ins... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51618 D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affect... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51619 D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affe... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51620 D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affect... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51621 D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected ... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51622 D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on aff... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-51623 D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte... | 6.8 | MEDIUM | β | 0 |
| CVE-2023-41818 An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs.Β | 5.0 | MEDIUM | β | 0 |
| CVE-2023-51624 D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary co... | 8.8 | HIGH | β | 0 |
| CVE-2023-51625 D-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected install... | 8.0 | HIGH | β | 0 |
| CVE-2023-51626 D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary... | 8.8 | HIGH | β | 0 |
| CVE-2023-51627 D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat... | 8.0 | HIGH | β | 0 |
| CVE-2023-51628 D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected instal... | 8.0 | HIGH | β | 0 |
| CVE-2023-51629 D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300L... | 8.8 | HIGH | β | 0 |
| CVE-2023-51633 Centreon sysName Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. User interaction ... | 9.6 | CRITICAL | β | 0 |
| CVE-2023-25457 Missing Authorization vulnerability in Richteam Slider Carousel β Responsive Image Slider.This issue affects Slider Carousel β Responsive Image Slider: from n/a through 1.5.1. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-33946 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPify s.R.O. WPify Woo Czech allows Reflected XSS.This issue affects WPify Woo Czech: from n/a thr... | 7.1 | HIGH | β | 0 |
| CVE-2024-23912 Out-of-bounds Read vulnerability in Merge DICOM Toolkit C/C++ on Windows. When MC_Open_File() function is used to read a malformed DICOM data, it might result in over-reading memory buffer and could ... | 4.0 | MEDIUM | β | 0 |
| CVE-2024-23913 Use of Out-of-range Pointer Offset vulnerability in Merge DICOM Toolkit C/C++ on Windows. When deprecated MC_XML_To_Message() function is used to read a malformed DICOM XML file, it might result in m... | 4.0 | MEDIUM | β | 0 |
| CVE-2024-23914 Use of Externally-Controlled Format String vulnerability in Merge DICOM Toolkit C/C++ on Windows. When MC_Open_Association() function is used to open DICOM Association and gets DICOM Application Cont... | 5.7 | MEDIUM | β | 0 |
| CVE-2023-41819 A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application that could allow a local attacker to access unauthorized content providers.Β | 6.1 | MEDIUM | β | 0 |
| CVE-2024-32986 PWAsForFirefox is a tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox. Due to improper sanitization of web app properties (such as name, description, shortcuts), web apps ... | 9.6 | CRITICAL | β | 0 |
| CVE-2024-34062 tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code e... | 4.8 | MEDIUM | β | 0 |
| CVE-2023-41820 An implicit intent vulnerability was reported in the Motorola Ready For application that could allow a local attacker to read information about connected Bluetooth audio devices.Β | 5.0 | MEDIUM | β | 0 |
| CVE-2024-34063 vodozemac is an implementation of Olm and Megolm in pure Rust. Versions 0.5.0 and 0.5.1 of vodozemac have degraded secret zeroization capabilities, due to changes in third-party cryptographic dependen... | 2.5 | LOW | β | 0 |
| CVE-2024-34072 sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. The sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially u... | 7.8 | HIGH | β | 0 |
| CVE-2024-34073 sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. In affected versions the capture_dependencies function in `sagemaker.serve.save_retrive.versio... | 7.8 | HIGH | β | 0 |
| CVE-2024-4461 Unquoted path or search item vulnerability in SugarSync versions prior to 4.1.3 for Windows. This misconfiguration could allow an unauthorized local user to inject arbitrary code into the unquoted ser... | 7.8 | HIGH | β | 0 |
| CVE-2024-4466 SQL injection vulnerability in Gescen on the centrosdigitales.net platform. This vulnerability allows an attacker to send a specially crafted SQL query to the pass parameter and retrieve all the data ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-33786 An arbitrary file upload vulnerability in Zhongcheng Kexin Ticketing Management Platform 20.04 allows attackers to execute arbitrary code via uploading a crafted file. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-33787 Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a SQL injection vulnerability via the tuser_Number parameter at search_user.aspx. | 8.2 | HIGH | β | 0 |
| CVE-2022-48671 In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) war... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-48672 In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") f... | 7.8 | HIGH | β | 0 |
| CVE-2022-48673 In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completed... | 5.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.