Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2017-12897 The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2024-49369 Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-12870 The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-45656 IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030.00 through FW1030.61, FW1050.00 through FW1050.21, and FW1060.00 through FW1060.10 has static credenti... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-9486 A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox... | 9.8 | CRITICAL | — | 0 |
| CVE-2022-36544 Edoc-doctor-appointment-system v1.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /patient/booking.php. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12899 The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12901 The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12902 The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12985 The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12990 The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12992 The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2024-37870 SQL injection vulnerability in processscore.php in Learning Management System Project In PHP With Source Code 1.0 allows attackers to execute arbitrary SQL commands via the id parameter. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12993 The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12994 The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12995 The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12996 The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-12997 The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13000 The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13001 The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13002 The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13006 The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13010 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart(). | 9.8 | CRITICAL | — | 0 |
| CVE-2025-11170 The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the Cpiwm_Import_Controller::import function in all versions up to, and incl... | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13013 The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54074 Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP s... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-10547 An uninitialized variable in the HTTP CGI request arguments processing component of Vigor Routers running DrayOS may allow an attacker the ability to perform RCE on the appliance through memory corrup... | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13014 The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-2474 Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the pro... | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13015 The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2023-48194 Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13016 The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13017 The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13019 The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2024-32640 MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.5, 7.3.12, and 7.2.7 contain a SQL injection vulnerability in the `processAsyncObject` meth... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-12847 NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending craft... | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13020 The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13021 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13022 The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13024 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13025 The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13027 The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13028 The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2021-41659 SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field. | 9.8 | CRITICAL | — | 0 |
| CVE-2022-26645 A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function. | 9.8 | CRITICAL | — | 0 |
| CVE-2017-13031 The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). | 9.8 | CRITICAL | — | 0 |
| CVE-2022-26646 Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-44659 PHPGurukul Online Shopping Portal 2.0 is vulnerable to SQL Injection via the email parameter in forgot-password.php. | 9.8 | CRITICAL | — | 0 |
| CVE-2021-20232 A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. | 9.8 | CRITICAL | — | 0 |
| CVE-2022-29873 A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly validate parameters of certain GET and POST requests. This could allow an unauthenticated attacke... | 9.8 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.