Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Vulnerabilidades CVE
Todos el contenido
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Noticias
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-39957
2025-10-09
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scan_ies_len for S1G Currently the S1G capability element is not taken into account for the…
CVE-2025-39956
2025-10-09
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igc_probe() on LED setup error When igc_led_setup() fails, igc_probe() fails and triggers kernel panic in…
CVE-2025-39955
2025-10-09
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED…
CVE-2025-39954
2025-10-09
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset…
CVE-2025-10862
2025-10-09
HIGH
7.5
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3.…
CVE-2025-11539
2025-10-09
CRITICAL
9.9
Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of…
CVE-2025-11522
2025-10-09
CRITICAL
9.8
The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This…
CVE-2025-7634
2025-10-09
CRITICAL
9.8
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including,…
CVE-2025-7526
2025-10-09
CRITICAL
9.8
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path…
CVE-2025-6038
2025-10-09
HIGH
8.8
The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up…
CVE-2025-47355
2025-10-09
HIGH
7.8
Memory corruption while invoking remote procedure IOCTL calls.
CVE-2025-47354
2025-10-09
HIGH
7.8
Memory corruption while allocating buffers in DSP service.
CVE-2025-47351
2025-10-09
HIGH
7.8
Memory corruption while processing user buffers.
CVE-2025-47349
2025-10-09
HIGH
7.8
Memory corruption while processing an escape call.
CVE-2025-47347
2025-10-09
HIGH
7.8
Memory corruption while processing control commands in the virtual memory management interface.
CVE-2025-47342
2025-10-09
HIGH
7.1
Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
CVE-2025-47341
2025-10-09
HIGH
7.8
memory corruption while processing an image encoding completion event.
CVE-2025-47340
2025-10-09
HIGH
7.8
Memory corruption while processing IOCTL call to get the mapping.
CVE-2025-47338
2025-10-09
HIGH
7.8
Memory corruption while processing escape commands from userspace.
CVE-2025-27060
2025-10-09
HIGH
8.8
Memory corruption while performing SCM call with malformed inputs.
CVE-2025-27059
2025-10-09
HIGH
8.8
Memory corruption while performing SCM call.
CVE-2025-27054
2025-10-09
HIGH
7.8
Memory corruption while processing a malformed license file during reboot.
CVE-2025-27053
2025-10-09
HIGH
7.8
Memory corruption during PlayReady APP usecase while processing TA commands.
CVE-2025-27049
2025-10-09
MEDIUM
5.5
Transient DOS while processing IOCTL call for image encoding.
CVE-2025-27048
2025-10-09
HIGH
7.8
Memory corruption while processing camera platform driver IOCTL calls.
CVE-2025-27045
2025-10-09
MEDIUM
6.1
Information disclosure while processing batch command execution in Video driver.
CVE-2025-27041
2025-10-09
MEDIUM
5.5
Transient DOS while processing video packets received from video firmware.
CVE-2025-27040
2025-10-09
MEDIUM
6.5
Information disclosure may occur while processing the hypervisor log.
CVE-2025-27039
2025-10-09
MEDIUM
6.6
Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.
CVE-2025-11529
2025-10-09
HIGH
7.3
A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results…
CVE-2025-11166
2025-10-09
MEDIUM
5.4
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to, and including, 9.0.46. This is…
CVE-2025-10586
2025-10-09
CRITICAL
9.8
The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’ parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on…
CVE-2025-10496
2025-10-09
HIGH
7.2
The Cookie Notice & Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the uuid parameter in all versions up to, and including, 1.6.5 due to…
CVE-2025-11516
2025-10-09
MEDIUM
6.3
A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown function of the file /cms/users/complaint-details.php. Executing manipulation of the argument cid can lead…
CVE-2025-11515
2025-10-09
MEDIUM
6.3
A security flaw has been discovered in code-projects Online Complaint Site 1.0. This issue affects some unknown processing of the file /cms/users/register-complaint.php. Performing manipulation of the argument cid…
CVE-2025-11514
2025-10-09
MEDIUM
6.3
A vulnerability was identified in code-projects Online Complaint Site 1.0. This vulnerability affects unknown code of the file /cms/users/index.php. Such manipulation of the argument Username leads to sql…
CVE-2025-11513
2025-10-09
HIGH
7.3
A vulnerability was determined in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/supplier_update.php. This manipulation of the argument supp_id causes sql injection. The…
CVE-2025-11512
2025-10-09
MEDIUM
4.3
A vulnerability was found in code-projects Voting System 1.0. Affected by this issue is some unknown functionality of the file /admin/voters_add.php. The manipulation of the argument Firstname/Lastname/Platform results…
CVE-2025-61913
2025-10-08
CRITICAL
9.9
Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not…
CVE-2025-11511
2025-10-08
MEDIUM
6.3
A flaw has been found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/supplier_add.php. Executing manipulation of the argument supp_email can lead to…
CVE-2025-11509
2025-10-08
MEDIUM
6.3
A vulnerability was detected in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/product_add.php. Performing manipulation of the argument prod_name results in sql injection.…
CVE-2025-11508
2025-10-08
MEDIUM
4.7
A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/voters_add.php. Such manipulation of the argument photo leads to…
CVE-2025-11535
2025-10-08
N/A
0.0
MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24.
CVE-2025-11507
2025-10-08
HIGH
7.3
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. The impacted element is an unknown function of the file /admin/search-invoices.php. This manipulation of the argument…
CVE-2025-11506
2025-10-08
HIGH
7.3
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/search-appointment.php. The manipulation of the…
CVE-2025-11505
2025-10-08
HIGH
7.3
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/new-appointment.php. The manipulation of the argument delid leads to…
CVE-2017-20202
2025-10-08
N/A
0.0
Web Developer for Chrome v0.4.9 contained malicious code that generated a domain via a DGA and fetched a remote script. The fetched script conditionally loaded follow-on modules that…
CVE-2017-20201
2025-10-08
N/A
0.0
CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 (32-bit builds) contained a malicious pre-entry-point loader that diverts execution from __scrt_common_main_seh into a custom loader. That loader decodes an embedded blob…
CVE-2025-60311
2025-10-08
HIGH
8.8
ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page
CVE-2025-11503
2025-10-08
HIGH
7.3
A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Executing manipulation of the argument delid can…
« Anterior
Página 100 de 3645
Siguiente »
Page load link
Go to Top
