Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-5463
2025-07-08
MEDIUM
5.5
Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to…
CVE-2025-5451
2025-07-08
MEDIUM
4.9
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger…
CVE-2025-5450
2025-07-08
MEDIUM
6.3
Improper access control in the certificate management component of Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated admin with…
CVE-2025-53545
2025-07-08
N/A
0.0
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Users can circumvent 2FA login for users due to a lack of…
CVE-2025-53372
2025-07-08
HIGH
7.5
node-code-sandbox-mcp is a Node.js–based Model Context Protocol server that spins up disposable Docker containers to execute arbitrary JavaScript. Prior to 1.3.0, a command injection vulnerability exists in the…
CVE-2025-3630
2025-07-08
MEDIUM
6.4
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This…
CVE-2025-36600
2025-07-08
HIGH
8.2
Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local…
CVE-2025-2827
2025-07-08
MEDIUM
4.3
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated user that could be used in further attacks…
CVE-2025-2793
2025-07-08
MEDIUM
5.4
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability…
CVE-2025-24474
2025-07-08
LOW
2.7
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2 all versions, 7.0 all…
CVE-2024-55599
2025-07-08
MEDIUM
5.3
An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and…
CVE-2024-52965
2025-07-08
HIGH
7.2
A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0…
CVE-2025-50130
2025-07-08
HIGH
7.8
A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by…
CVE-2025-27061
2025-07-08
HIGH
7.8
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
CVE-2025-27058
2025-07-08
HIGH
7.8
Memory corruption while processing packet data with exceedingly large packet.
CVE-2025-27057
2025-07-08
HIGH
7.5
Transient DOS while handling beacon frames with invalid IE header length.
CVE-2025-27056
2025-07-08
HIGH
7.8
Memory corruption during sub-system restart while processing clean-up to free up resources.
CVE-2025-27055
2025-07-08
HIGH
7.8
Memory corruption during the image encoding process.
CVE-2025-27052
2025-07-08
HIGH
7.8
Memory corruption while processing data packets in diag received from Unix clients.
CVE-2025-27051
2025-07-08
HIGH
7.8
Memory corruption while processing command message in WLAN Host.
CVE-2025-27050
2025-07-08
HIGH
7.8
Memory corruption while processing event close when client process terminates abruptly.
CVE-2025-27047
2025-07-08
HIGH
7.8
Memory corruption while processing the TESTPATTERNCONFIG escape path.
CVE-2025-27046
2025-07-08
HIGH
7.8
Memory corruption while processing multiple simultaneous escape calls.
CVE-2025-27044
2025-07-08
HIGH
7.8
Memory corruption while executing timestamp video decode command with large input values.
CVE-2025-27043
2025-07-08
HIGH
7.8
Memory corruption while processing manipulated payload in video firmware.
CVE-2025-27042
2025-07-08
HIGH
7.8
Memory corruption while processing video packets received from video firmware.
CVE-2025-21466
2025-07-08
HIGH
7.8
Memory corruption while processing a private escape command in an event trigger.
CVE-2025-21454
2025-07-08
HIGH
7.5
Transient DOS while processing received beacon frame.
CVE-2025-21450
2025-07-08
CRITICAL
9.1
Cryptographic issue occurs due to use of insecure connection method while downloading.
CVE-2025-21449
2025-07-08
HIGH
7.5
Transient DOS may occur while processing malformed length field in SSID IEs.
CVE-2025-21446
2025-07-08
HIGH
7.5
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
CVE-2025-21445
2025-07-08
HIGH
7.8
Memory corruption while copying the result to the transmission queue which is shared between the virtual machine and the host.
CVE-2025-21444
2025-07-08
HIGH
7.8
Memory corruption while copying the result to the transmission queue in EMAC.
CVE-2025-21433
2025-07-08
MEDIUM
6.2
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
CVE-2025-21432
2025-07-08
HIGH
7.8
Memory corruption while retrieving the CBOR data from TA.
CVE-2025-21427
2025-07-08
HIGH
8.2
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
CVE-2025-21426
2025-07-08
MEDIUM
6.6
Memory corruption while processing camera TPG write request.
CVE-2025-21422
2025-07-08
HIGH
7.1
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
CVE-2024-53009
2025-07-08
MEDIUM
5.3
Memory corruption while operating the mailbox in Automotive.
CVE-2025-40721
2025-07-08
N/A
0.0
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser…
CVE-2025-40720
2025-07-08
N/A
0.0
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser…
CVE-2025-40719
2025-07-08
N/A
0.0
Reflected Cross-site Scripting (XSS) vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to execute JavaScript code in the victim's browser…
CVE-2025-40718
2025-07-08
N/A
0.0
Improper error handling vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to send malformed payloads to generate error messages containing…
CVE-2025-40717
2025-07-08
N/A
0.0
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the pagina.filter.categoria mensaje…
CVE-2025-40716
2025-07-08
N/A
0.0
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the suceso.contenido mensaje…
CVE-2025-40715
2025-07-08
N/A
0.0
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo…
CVE-2025-40714
2025-07-08
N/A
0.0
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo…
CVE-2025-40713
2025-07-08
N/A
0.0
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the campo…
CVE-2025-40712
2025-07-08
N/A
0.0
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion…
CVE-2025-40711
2025-07-08
N/A
0.0
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion…
« Anterior
Página 1011 de 4307
Siguiente »
Page load link
Go to Top
