Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-47497
2025-05-07
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themepoints Logo Showcase allows DOM-Based XSS. This issue affects Logo Showcase: from n/a through 3.0.4.
CVE-2020-15187
2020-09-17
LOW
3.0
In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised,…
CVE-2025-30224
2025-04-01
N/A
0.0
MyDumper is a MySQL Logical Backup Tool. The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary files from client systems via a crafted server…
CVE-2025-39349
2025-05-19
CRITICAL
9.8
Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop allows Object Injection.This issue affects CiyaShop: from n/a through 4.18.0.
CVE-2025-39348
2025-05-19
CRITICAL
9.8
Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant WordPress allows Object Injection.This issue affects Grand Restaurant WordPress: from n/a through 7.0.
CVE-2022-34715
2022-08-09
CRITICAL
9.8
Windows Network File System Remote Code Execution Vulnerability
CVE-2022-34714
2022-08-09
HIGH
8.1
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-34712
2022-08-09
MEDIUM
5.5
Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-34710
2022-08-09
MEDIUM
5.5
Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-34709
2022-08-09
MEDIUM
6.0
Windows Defender Credential Guard Security Feature Bypass Vulnerability
CVE-2022-34708
2022-08-09
MEDIUM
5.5
Windows Kernel Information Disclosure Vulnerability
CVE-2025-32928
2025-05-19
CRITICAL
9.8
Deserialization of Untrusted Data vulnerability in ThemeGoods Altair allows Object Injection.This issue affects Altair: from n/a through 5.2.2.
CVE-2025-32927
2025-05-19
CRITICAL
9.8
Deserialization of Untrusted Data vulnerability in Chimpstudio FoodBakery allows Object Injection.This issue affects FoodBakery: from n/a through 3.3.
CVE-2025-48256
2025-05-19
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes Import Social Events allows Stored XSS. This issue affects Import Social Events: from n/a…
CVE-2025-48255
2025-05-19
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in videowhisper Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP allows Cross Site Request Forgery. This issue affects Broadcast Live…
CVE-2025-48254
2025-05-19
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to Cart Button Text for WooCommerce allows Stored XSS. This issue affects Change…
CVE-2025-48253
2025-05-19
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce allows Stored XSS. This issue…
CVE-2023-48324
2024-12-09
MEDIUM
5.4
Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.1.4.
CVE-2023-49757
2024-12-09
MEDIUM
5.4
Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.1.10.
CVE-2023-49857
2024-12-09
MEDIUM
6.5
Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.1.7.
CVE-2023-51356
2024-05-17
HIGH
8.8
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVE-2023-47837
2024-06-04
HIGH
8.3
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.
CVE-2023-45760
2025-01-02
MEDIUM
4.3
Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.3.
CVE-2024-30222
2024-03-28
HIGH
8.5
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVE-2024-30223
2024-03-28
CRITICAL
9.0
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVE-2024-35283
2024-05-29
MEDIUM
6.1
A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to…
CVE-2024-35284
2024-05-29
MEDIUM
5.4
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due…
CVE-2024-36042
2024-06-03
CRITICAL
9.8
Silverpeas before 6.3.5 allows authentication bypass by omitting the Password field to AuthenticationServlet, often providing an unauthenticated user with superadmin access.
CVE-2024-4180
2024-06-04
CRITICAL
9.1
The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX.
CVE-2024-4274
2024-06-04
MEDIUM
4.3
The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and…
CVE-2023-46310
2024-06-04
MEDIUM
5.3
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10.
CVE-2024-4273
2024-06-04
MEDIUM
6.4
The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ere_property_map' shortcode in all versions up to, and including, 4.4.2 due to…
CVE-2023-51667
2024-06-04
MEDIUM
5.3
Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post –…
CVE-2024-32715
2024-06-09
MEDIUM
5.3
Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1.
CVE-2024-36302
2024-06-10
HIGH
7.8
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must…
CVE-2023-46309
2025-01-02
MEDIUM
5.3
Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.10.
CVE-2022-35772
2022-08-09
HIGH
7.2
Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-35771
2022-08-09
HIGH
7.8
Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-35769
2022-08-09
HIGH
7.5
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
CVE-2022-35768
2022-08-09
HIGH
7.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-35767
2022-08-09
HIGH
8.1
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35766
2022-08-09
HIGH
8.1
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-35765
2022-08-09
HIGH
7.8
Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35764
2022-08-09
HIGH
7.8
Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35763
2022-08-09
HIGH
7.8
Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35762
2022-08-09
HIGH
7.8
Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35761
2022-08-09
HIGH
7.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-34716
2022-08-09
MEDIUM
5.9
.NET Spoofing Vulnerability
CVE-2024-5246
2024-05-23
HIGH
8.8
NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System.…
CVE-2024-40505
2024-07-16
CRITICAL
9.3
Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.
« Anterior
Página 1132 de 4308
Siguiente »
Page load link
Go to Top
