Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2025-41756 A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system. | 8.1 | HIGH | β | 0 |
| CVE-2025-41757 A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create ... | 8.8 | HIGH | β | 0 |
| CVE-2025-41758 A low-privileged remote attacker can exploit an arbitrary file write vulnerability in the wwupload.cgi endpoint. Due to path traversal this can lead to overwriting arbitrary files on the device and ac... | 8.8 | HIGH | β | 0 |
| CVE-2025-41759 An administrator may attempt to block all networks by specifying "\*" or "all" as the network identifier. However, these values are not supported and do not trigger any validation error. Instead, they... | 4.9 | MEDIUM | β | 0 |
| CVE-2025-41760 An administrator may attempt to block all traffic by configuring a pass filter with an empty table. However, in UBR, an empty list does not enforce any restrictions and allows all network traffic to p... | 4.9 | MEDIUM | β | 0 |
| CVE-2025-41761 A lowβprivileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to ... | 7.8 | HIGH | β | 0 |
| CVE-2025-41762 An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates. | 6.2 | MEDIUM | β | 0 |
| CVE-2025-41763 A lowβprivileged remote attacker can directly interact with the wwwdnload.cgi endpoint to download any resource available to administrators, including system backups and certificate request files. | 6.5 | MEDIUM | β | 0 |
| CVE-2025-41764 Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates. | 9.1 | CRITICAL | β | 0 |
| CVE-2025-41765 Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact ... | 9.1 | CRITICAL | β | 0 |
| CVE-2025-41766 A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise. | 8.8 | HIGH | β | 0 |
| CVE-2025-41767 A high-privileged remote attacker can fully compromise the device by abusing an update signature bypass vulnerability in the wwwupdate.cgi method in the web interface of UBR. | 7.2 | HIGH | β | 0 |
| CVE-2025-41772 An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR. | 7.5 | HIGH | β | 0 |
| CVE-2025-61611 In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.. | 7.5 | HIGH | β | 0 |
| CVE-2025-61612 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2026-3812 A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes c... | 4.3 | MEDIUM | β | 0 |
| CVE-2025-33022 Rejected reason: The reporter agreed to not assign CVE ID | N/A | NONE | β | 0 |
| CVE-2025-61613 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2025-61614 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2025-61615 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2025-61616 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2025-40638 A reflected Cross-Site Scripting (XSS) vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending him/her a malici... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-69278 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2025-69279 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2026-24015 A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24713 Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3811 A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buf... | 8.8 | HIGH | β | 0 |
| CVE-2025-40639 A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo_send' parameter in the '/assets/php... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3813 A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WF_C... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3814 A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in bu... | 8.8 | HIGH | β | 0 |
| CVE-2025-69219 A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct D... | 8.8 | HIGH | β | 0 |
| CVE-2026-25604 In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL.Β This allowed to gain access to different instances... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-3815 A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible... | 8.8 | HIGH | β | 0 |
| CVE-2025-15576 If two sibling jails are restricted to separate filesystem trees, which is to say that neither of the two jail root directories is an ancestor of the other, jailed processes may nonetheless be able to... | 7.5 | HIGH | β | 0 |
| CVE-2026-26130 Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | 7.5 | HIGH | β | 0 |
| CVE-2026-3816 A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function input_zip.read of the file parser.py of the component SonarQubeParser/MSDefenderPar... | 4.3 | MEDIUM | β | 0 |
| CVE-2025-14558 The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf(8) unmodified. resolvconf(8) is a... | 7.2 | HIGH | β | 0 |
| CVE-2025-14769 In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is g... | 7.5 | HIGH | β | 0 |
| CVE-2025-15547 By default, jailed processes cannot mount filesystems, including nullfs(4). However, the allow.mount.nullfs option enables mounting nullfs filesystems, subject to privilege checks. If a privileged u... | 8.8 | HIGH | β | 0 |
| CVE-2026-2919 Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a _self navigation to an invalid port and triggering an iframe redirect, causing the ... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-3817 A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results i... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-3818 A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of the argument strTBName causes sql injec... | 7.3 | HIGH | β | 0 |
| CVE-2026-21736 Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory. This is caused by improper handling of the me... | 4.4 | MEDIUM | β | 0 |
| CVE-2026-2261 Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the he... | 7.5 | HIGH | β | 0 |
| CVE-2026-3038 The rtsock_msg_buffer() function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddr_storage structure on the stack. It assumes that the so... | 7.5 | HIGH | β | 0 |
| CVE-2026-3819 A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage_reservation of the component Reservation Managemen... | 3.5 | LOW | β | 0 |
| CVE-2025-69647 GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readel... | 6.2 | MEDIUM | β | 0 |
| CVE-2025-69648 GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes re... | 6.2 | MEDIUM | β | 0 |
| CVE-2025-70059 An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in YMFE yapi v1.12.0 and allows attackers to cause a denial of service. | 7.5 | HIGH | β | 0 |
| CVE-2025-70238 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52. | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.