Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-30327 2025-06-10 HIGH 7.8 InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-5943 2025-06-10 HIGH 8.8 MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer.…
CVE-2025-43588 2025-06-10 HIGH 7.8 Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-43581 2025-06-10 HIGH 7.8 Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-36580 2025-06-10 MEDIUM 6.1 Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote…
CVE-2025-36578 2025-06-10 MEDIUM 6.8 Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to…
CVE-2025-36577 2025-06-10 MEDIUM 6.1 Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote…
CVE-2025-36576 2025-06-10 LOW 2.7 Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability,…
CVE-2025-36575 2025-06-10 HIGH 7.5 Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit…
CVE-2025-36574 2025-06-10 HIGH 8.2 Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to…
CVE-2025-2474 2025-06-10 CRITICAL 9.8 Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code…
CVE-2025-0052 2025-06-10 N/A 0.0 Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service.
CVE-2025-0051 2025-06-10 N/A 0.0 Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service.
CVE-2025-5970 2025-06-10 LOW 2.4 A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The…
CVE-2025-5969 2025-06-10 HIGH 8.8 A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of the component…
CVE-2025-47977 2025-06-10 HIGH 7.6 Improper neutralization of input during web page generation ('cross-site scripting') in Nuance Digital Engagement Platform allows an authorized attacker to perform spoofing over a network.
CVE-2025-47969 2025-06-10 MEDIUM 4.4 Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally.
CVE-2025-47968 2025-06-10 HIGH 7.8 Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
CVE-2025-47962 2025-06-10 HIGH 7.8 Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally.
CVE-2025-47957 2025-06-10 HIGH 8.4 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47956 2025-06-10 MEDIUM 5.5 External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
CVE-2025-47955 2025-06-10 HIGH 7.8 Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-47953 2025-06-10 HIGH 8.4 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47175 2025-06-10 HIGH 7.8 Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-47174 2025-06-10 HIGH 7.8 Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47173 2025-06-10 HIGH 7.8 Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47172 2025-06-10 HIGH 8.8 Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-47171 2025-06-10 MEDIUM 6.7 Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
CVE-2025-47170 2025-06-10 HIGH 7.8 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47169 2025-06-10 HIGH 7.8 Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47168 2025-06-10 HIGH 7.8 Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47167 2025-06-10 HIGH 8.4 Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47166 2025-06-10 HIGH 8.8 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-47165 2025-06-10 HIGH 7.8 Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47164 2025-06-10 HIGH 8.4 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47163 2025-06-10 HIGH 8.8 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-47162 2025-06-10 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47160 2025-06-10 MEDIUM 5.4 Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-47108 2025-06-10 HIGH 7.8 Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-47106 2025-06-10 MEDIUM 5.5 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this…
CVE-2025-47105 2025-06-10 MEDIUM 5.5 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability…
CVE-2025-47104 2025-06-10 MEDIUM 5.5 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability…
CVE-2025-43593 2025-06-10 HIGH 7.8 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-43590 2025-06-10 HIGH 7.8 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-43589 2025-06-10 HIGH 7.8 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-43558 2025-06-10 HIGH 7.8 InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-33112 2025-06-10 HIGH 8.4 IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary code due to improper neutralization of…
CVE-2025-33075 2025-06-10 HIGH 7.8 Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-33073 2025-06-10 HIGH 8.8 Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
CVE-2025-33071 2025-06-10 HIGH 8.1 Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
« Anterior Página 1081 de 4308 Siguiente »