Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-15204 A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing ma... | 2.4 | LOW | β | 0 |
| CVE-2025-15205 A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argume... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-69205 Micro Registration Utility (Β΅URU) is a telephone self registration utility based on asterisk. In versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, an attacker can crafts a ... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-15207 A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/view_products.php. The manipulation of the argument chkId[] leads to sql ... | 7.3 | HIGH | β | 0 |
| CVE-2025-15208 A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/editrefugee.php. The manipulation of the... | 7.3 | HIGH | β | 0 |
| CVE-2025-15209 A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulation of the argument a/b/c/d causes sql in... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-34987 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | β | 0 |
| CVE-2025-15210 A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This vulnerability affects unknown code of the file /home/editrefugee.php. Such manipulation of the argu... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-68120 To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode. | 5.4 | MEDIUM | β | 0 |
| CVE-2025-15211 A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/a... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-15212 A vulnerability was detected in code-projects Refugee Food Management System 1.0. This issue affects some unknown processing of the file /home/regfood.php. Performing manipulation of the argument a re... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-15213 A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The ma... | 4.3 | MEDIUM | β | 0 |
| CVE-2025-69217 coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additiona... | 7.7 | HIGH | β | 0 |
| CVE-2025-34988 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | β | 0 |
| CVE-2025-15214 A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function save_pricing of the file admin_class.php. The manipulation of the argument name/ride results in c... | 2.4 | LOW | β | 0 |
| CVE-2025-69234 Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment. | 9.1 | CRITICAL | β | 0 |
| CVE-2025-69235 Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment. | 7.5 | HIGH | β | 0 |
| CVE-2025-15215 A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. Thi... | 8.8 | HIGH | β | 0 |
| CVE-2025-15216 A vulnerability was identified in Tenda AC23 16.03.07.52. This impacts the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument bindnum leads to stack-based bu... | 8.8 | HIGH | β | 0 |
| CVE-2025-15219 A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/Mach... | 3.5 | LOW | β | 0 |
| CVE-2025-15220 A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in ... | 4.3 | MEDIUM | β | 0 |
| CVE-2025-15221 A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipu... | 3.5 | LOW | β | 0 |
| CVE-2025-14312 The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-14313 The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-15222 A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation le... | 5.0 | MEDIUM | β | 0 |
| CVE-2025-15229 A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LIST... | 5.3 | MEDIUM | β | 0 |
| CVE-2025-15232 A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal le... | 8.8 | HIGH | β | 0 |
| CVE-2025-15355 ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser thro... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-15102 DVP-12SE11T - Password Protection Bypass | 9.1 | CRITICAL | β | 0 |
| CVE-2025-34989 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | β | 0 |
| CVE-2025-34990 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | β | 0 |
| CVE-2025-15103 DVP-12SE11T - Authentication Bypass via Partial Password Disclosure | 8.1 | HIGH | β | 0 |
| CVE-2025-15241 A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such ... | 3.5 | LOW | β | 0 |
| CVE-2025-15358 DVP-12SE11T - Denial of Service Vulnerability | 7.5 | HIGH | β | 0 |
| CVE-2025-15359 DVP-12SE11T - Out-of-bound memory write Vulnerability | 9.1 | CRITICAL | β | 0 |
| CVE-2025-15244 A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated r... | 3.7 | LOW | β | 0 |
| CVE-2025-15245 A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path tr... | 3.5 | LOW | β | 0 |
| CVE-2022-50784 In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as i... | N/A | NONE | β | 0 |
| CVE-2025-34991 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | β | 0 |
| CVE-2025-34992 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | β | 0 |
| CVE-2025-34993 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | β | 0 |
| CVE-2022-50785 In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use get_device and put_device in the open and close functions to make sure the device doesn't get... | N/A | NONE | β | 0 |
| CVE-2022-50786 In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSE_INSTANCE command, ctx_work_bits was not getting clea... | N/A | NONE | β | 0 |
| CVE-2023-54162 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2_lock() argv needs to be free when setup_async_work fails or when the current process is wo... | N/A | NONE | β | 0 |
| CVE-2025-14509 The Lucky Wheel for WooCommerce β Spin a Sale plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.1.13. This is due to the plugin using eval() to execute u... | 7.2 | HIGH | β | 0 |
| CVE-2022-50597 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was in a CNA pool that was not assigned to any issues during 2022. Notes: none. | N/A | NONE | β | 0 |
| CVE-2022-50598 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was in a CNA pool that was not assigned to any issues during 2022. Notes: none. | N/A | NONE | β | 0 |
| CVE-2022-50599 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was in a CNA pool that was not assigned to any issues during 2022. Notes: none. | N/A | NONE | β | 0 |
| CVE-2022-50600 Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was in a CNA pool that was not assigned to any issues during 2022. Notes: none. | N/A | NONE | β | 0 |
| CVE-2026-20963 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | 8.8 | HIGH | KEV | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.