Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-47631 2026-06-09 HIGH 8.1 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-47298 2026-06-09 HIGH 8.0 Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-47293 2026-06-09 HIGH 7.0 Use after free in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally.
CVE-2026-47292 2026-06-09 HIGH 7.8 Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.
CVE-2026-47291 2026-06-09 CRITICAL 9.8 Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network.
CVE-2026-47289 2026-06-09 HIGH 8.8 Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-47288 2026-06-09 HIGH 7.1 Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network.
CVE-2026-47287 2026-06-09 MEDIUM 6.5 Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.
CVE-2026-47284 2026-06-09 MEDIUM 6.5 Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network.
CVE-2026-47281 2026-06-09 CRITICAL 9.6 Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-45658 2026-06-09 HIGH 7.8 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-45657 2026-06-09 CRITICAL 9.8 Use after free in Windows Kernel allows an unauthorized attacker to execute code over a network.
CVE-2026-45656 2026-06-09 HIGH 7.8 Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally.
CVE-2026-45655 2026-06-09 MEDIUM 5.3 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-45654 2026-06-09 HIGH 7.9 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-45653 2026-06-09 HIGH 7.0 Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-45650 2026-06-09 MEDIUM 4.3 User interface (ui) misrepresentation of critical information in Microsoft Bing allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45649 2026-06-09 HIGH 7.1 Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally.
CVE-2026-45648 2026-06-09 HIGH 8.8 Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network.
CVE-2026-45647 2026-06-09 MEDIUM 5.5 Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
CVE-2026-45645 2026-06-09 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45644 2026-06-09 HIGH 8.0 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Live Share Canvas SDK allows an authorized attacker to elevate privileges over a network.
CVE-2026-45643 2026-06-09 HIGH 7.8 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45642 2026-06-09 LOW 3.9 Improper input validation in Microsoft Azure Attestation service and Device Health Attestation Service allows an authorized attacker to perform spoofing with a physical attack.
CVE-2026-45641 2026-06-09 HIGH 8.4 Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2026-45640 2026-06-09 HIGH 7.0 Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-45639 2026-06-09 HIGH 7.5 Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.
CVE-2026-45638 2026-06-09 HIGH 7.8 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45637 2026-06-09 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-45636 2026-06-09 HIGH 7.8 Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
CVE-2026-45635 2026-06-09 HIGH 8.1 Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
CVE-2026-45634 2026-06-09 MEDIUM 5.5 Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.
CVE-2026-45608 2026-06-09 MEDIUM 6.8 Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.
CVE-2026-45607 2026-06-09 HIGH 8.4 Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVE-2026-45606 2026-06-09 MEDIUM 5.5 Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally.
CVE-2026-45605 2026-06-09 HIGH 7.8 Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
CVE-2026-45604 2026-06-09 MEDIUM 5.5 Out-of-bounds read in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally.
CVE-2026-45603 2026-06-09 HIGH 7.0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45602 2026-06-09 CRITICAL 9.1 No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network.
CVE-2026-45601 2026-06-09 HIGH 7.0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45600 2026-06-09 HIGH 7.8 Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
CVE-2026-45599 2026-06-09 HIGH 8.1 Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.
CVE-2026-45598 2026-06-09 HIGH 7.0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45597 2026-06-09 HIGH 7.0 Concurrent execution using shared resource with improper synchronization ('race condition') in UI Automation Manager (uiamanager.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-45596 2026-06-09 HIGH 7.0 Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-45595 2026-06-09 MEDIUM 5.4 Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-45594 2026-06-09 MEDIUM 5.5 Exposure of sensitive information to an unauthorized actor in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally.
CVE-2026-45593 2026-06-09 HIGH 7.8 Use after free in Windows SDK allows an authorized attacker to elevate privileges locally.
CVE-2026-45592 2026-06-09 HIGH 7.8 Integer overflow or wraparound in Windows Internet (wininet.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-45591 2026-06-09 HIGH 7.5 Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.
« Anterior Página 116 de 4520 Siguiente »