CVE Vulnerabilities

Below is the list of the latest vulnerabilities published by NIST:

CVE ID Published Severity CVSS Description
CVE-2025-5616 2025-06-04 MEDIUM 6.3 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this…
CVE-2025-49007 2025-06-04 N/A 0.0 Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a…
CVE-2025-5690 2025-06-04 MEDIUM 6.5 PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on…
CVE-2025-5615 2025-06-04 MEDIUM 6.3 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this…
CVE-2025-5614 2025-06-04 MEDIUM 6.3 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an…
CVE-2025-5613 2025-06-04 MEDIUM 6.3 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown…
CVE-2025-5612 2025-06-04 MEDIUM 6.3 A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown…
CVE-2025-5611 2025-06-04 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown…
CVE-2025-5610 2025-06-04 MEDIUM 6.3 A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this…
CVE-2025-48947 2025-06-04 N/A 0.0 The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1…
CVE-2025-48951 2025-06-03 N/A 0.0 Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. Versions 8.0.0-BETA3 prior to 8.3.1 contain a vulnerability due…
CVE-2025-46548 2025-06-03 MEDIUM 6.5 If you enable Basic Authentication in Pekko Management using the Java DSL, the authenticator may not be properly applied. Users…
CVE-2025-48881 2025-05-30 HIGH 8.3 Valtimo is a platform for Business Process Automation. In versions starting from 11.0.0.RELEASE to 11.3.3.RELEASE and 12.0.0.RELEASE to 12.12.0.RELEASE, all…
CVE-2025-4353 2025-05-06 MEDIUM 6.3 A vulnerability, which was classified as critical, was found in Brilliance Golden Link Secondary System up to 20250424. Affected is…
CVE-2025-4352 2025-05-06 MEDIUM 6.3 A vulnerability, which was classified as critical, has been found in Brilliance Golden Link Secondary System up to 20250424. This…
CVE-2025-46341 2025-06-04 HIGH 7.1 FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, when the server is using HTTP auth via reverse…
CVE-2025-46204 2025-06-04 MEDIUM 6.5 An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint.
CVE-2025-46203 2025-06-04 MEDIUM 6.5 An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint.
CVE-2025-46011 2025-06-04 MEDIUM 6.5 Listmonk v2.4.0 through v4.1.0 is vulnerable to SQL Injection in the QuerySubscribers function which allows attackers to escalate privileges.
CVE-2025-43924 2025-06-03 MEDIUM 6.1 Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController (for /fp/admin/settings/loginpage) and the…
CVE-2025-43923 2025-06-03 MEDIUM 6.5 An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point…
CVE-2025-31136 2025-06-04 MEDIUM 6.7 FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to run arbitrary JavaScript on the feeds…
CVE-2025-29093 2025-06-04 HIGH 8.2 File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Content/Gallery/Images…
CVE-2025-23106 2025-06-04 MEDIUM 6.5 An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads…
CVE-2025-23101 2025-06-04 MEDIUM 6.5 An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation.
CVE-2025-23096 2025-06-04 MEDIUM 6.5 An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile…
CVE-2025-23095 2025-06-04 MEDIUM 6.5 An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile…
CVE-2025-20286 2025-06-04 CRITICAL 9.9 A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services…
CVE-2024-11831 2025-02-10 MEDIUM 5.4 A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such…
CVE-2024-40747 2025-01-07 MEDIUM 6.1 Various module chromes didn't properly process inputs, leading to XSS vectors.
CVE-2024-40748 2025-01-07 HIGH 7.5 Lack of output escaping in the id attribute of menu lists.
CVE-2024-40749 2025-01-07 HIGH 7.5 Improper Access Controls allows access to protected views.
CVE-2025-22204 2025-02-04 CRITICAL 9.8 Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote…
CVE-2025-22205 2025-02-04 HIGH 7.5 Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version…
CVE-2025-22206 2025-02-04 MEDIUM 4.7 A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.2 for Joomla allows authenticated attackers (administrator) to execute arbitrary…
CVE-2025-22208 2025-02-15 MEDIUM 4.7 A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary…
CVE-2025-22209 2025-02-15 MEDIUM 4.7 A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows authenticated attackers (administrator) to execute arbitrary…
CVE-2025-22210 2025-02-25 HIGH 7.2 A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL…
CVE-2025-25226 2025-04-08 CRITICAL 9.8 Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note:…
CVE-2025-25227 2025-04-08 HIGH 7.5 Insufficient state checks lead to a vector that allows to bypass 2FA checks.
CVE-2024-10144 2025-05-15 MEDIUM 4.8 The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not sanitise and escape some of…
CVE-2024-10054 2025-05-15 MEDIUM 4.8 The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege…
CVE-2024-10107 2025-05-15 MEDIUM 4.8 The Giveaways and Contests by RafflePress WordPress plugin before 1.12.17 does not sanitise and escape some of its settings, which…
CVE-2024-10145 2025-05-15 MEDIUM 4.8 The Hubbub Lite WordPress plugin before 1.34.4 does not sanitise and escape some of its settings, which could allow high…
CVE-2024-10504 2025-05-15 MEDIUM 5.4 The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters…
CVE-2024-11109 2025-05-15 MEDIUM 4.8 The WP Google Review Slider WordPress plugin before 15.6 does not sanitise and escape some of its settings, which could…
CVE-2024-3996 2025-05-15 MEDIUM 6.1 The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow…
CVE-2025-5609 2025-06-04 HIGH 8.8 A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of…
CVE-2025-5608 2025-06-04 HIGH 8.8 A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formsetreboottimer of the file…
CVE-2025-5607 2025-06-04 HIGH 8.8 A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList…