Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-49731 2025-07-08 LOW 3.1 Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
CVE-2025-49730 2025-07-08 HIGH 7.8 Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
CVE-2025-49729 2025-07-08 HIGH 8.8 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49727 2025-07-08 HIGH 7.0 Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-49726 2025-07-08 HIGH 7.8 Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
CVE-2025-49725 2025-07-08 HIGH 7.8 Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
CVE-2025-49724 2025-07-08 HIGH 8.8 Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
CVE-2025-49723 2025-07-08 HIGH 8.8 Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.
CVE-2025-49722 2025-07-08 MEDIUM 5.7 Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.
CVE-2025-49721 2025-07-08 HIGH 7.8 Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.
CVE-2025-49719 2025-07-08 HIGH 7.5 Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.
CVE-2025-49718 2025-07-08 HIGH 7.5 Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
CVE-2025-49717 2025-07-08 HIGH 8.5 Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
CVE-2025-49716 2025-07-08 MEDIUM 5.9 Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.
CVE-2025-49714 2025-07-08 HIGH 7.8 Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
CVE-2025-49711 2025-07-08 HIGH 7.8 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-49706 2025-07-08 MEDIUM 6.3 Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2025-49705 2025-07-08 HIGH 7.8 Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-49704 2025-07-08 HIGH 8.8 Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-49703 2025-07-08 HIGH 7.8 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49702 2025-07-08 HIGH 7.8 Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49701 2025-07-08 HIGH 8.8 Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-49700 2025-07-08 HIGH 7.8 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49699 2025-07-08 HIGH 7.0 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49698 2025-07-08 HIGH 7.8 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49697 2025-07-08 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696 2025-07-08 HIGH 8.4 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49695 2025-07-08 HIGH 8.4 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49694 2025-07-08 HIGH 7.8 Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2025-49693 2025-07-08 HIGH 7.8 Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2025-49690 2025-07-08 HIGH 7.4 Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.
CVE-2025-49689 2025-07-08 HIGH 7.8 Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
CVE-2025-49688 2025-07-08 HIGH 8.8 Double free in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49687 2025-07-08 HIGH 8.8 Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
CVE-2025-49686 2025-07-08 HIGH 7.8 Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
CVE-2025-49685 2025-07-08 HIGH 7.0 Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49684 2025-07-08 MEDIUM 5.5 Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.
CVE-2025-49683 2025-07-08 HIGH 7.8 Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
CVE-2025-49682 2025-07-08 HIGH 7.3 Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2025-49681 2025-07-08 MEDIUM 6.5 Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-49680 2025-07-08 HIGH 7.3 Improper link resolution before file access ('link following') in Windows Performance Recorder allows an authorized attacker to deny service locally.
CVE-2025-49679 2025-07-08 HIGH 7.8 Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally.
CVE-2025-49678 2025-07-08 HIGH 7.0 Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.
CVE-2025-49677 2025-07-08 HIGH 7.0 Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2025-49676 2025-07-08 HIGH 8.8 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49675 2025-07-08 HIGH 7.8 Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-49674 2025-07-08 HIGH 8.8 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49673 2025-07-08 HIGH 8.8 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49672 2025-07-08 HIGH 8.8 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-49671 2025-07-08 MEDIUM 6.5 Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
« Anterior Página 1008 de 4307 Siguiente »