Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-30442
2025-05-12
HIGH
7.8
The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to…
CVE-2025-30436
2025-05-12
CRITICAL
9.1
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.4 and iPadOS 18.4. An attacker may be able to…
CVE-2025-24223
2025-05-12
HIGH
8.0
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari…
CVE-2025-30448
2025-05-12
CRITICAL
9.1
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.6, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Ventura 13.7.6,…
CVE-2025-30453
2025-05-12
HIGH
7.8
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. A malicious app may be able…
CVE-2025-31195
2025-05-12
MEDIUM
6.3
The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.
CVE-2025-31196
2025-05-12
MEDIUM
5.5
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. Processing a maliciously crafted file may…
CVE-2025-31204
2025-05-12
HIGH
8.8
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari…
CVE-2025-31205
2025-05-12
MEDIUM
6.5
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5.…
CVE-2025-31206
2025-05-12
MEDIUM
4.3
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia…
CVE-2025-31207
2025-05-12
HIGH
7.7
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An app may be able to enumerate a user's installed…
CVE-2025-31208
2025-05-12
HIGH
7.5
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia…
CVE-2025-31209
2025-05-12
MEDIUM
6.3
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5,…
CVE-2025-31210
2025-05-12
MEDIUM
6.5
The issue was addressed with improved UI. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. Processing web content may lead to a denial-of-service.
CVE-2025-31212
2025-05-12
MEDIUM
5.5
This issue was addressed through improved state management. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5. An…
CVE-2025-24142
2025-05-12
MEDIUM
5.5
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An…
CVE-2023-31493
2024-10-15
MEDIUM
6.6
RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and…
CVE-2024-30807
2024-04-02
HIGH
7.5
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in AP4_UnknownAtom::~AP4_UnknownAtom at Ap4Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42ts.
CVE-2025-24111
2025-05-12
MEDIUM
5.5
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS…
CVE-2025-24144
2025-05-12
MEDIUM
5.5
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.6, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3,…
CVE-2025-24155
2025-05-12
MEDIUM
5.5
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to…
CVE-2024-30806
2024-04-02
MEDIUM
6.5
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.
CVE-2025-24220
2025-05-12
MEDIUM
5.5
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.4 and iPadOS 18.4. An app may be able to read a persistent device…
CVE-2025-24222
2025-05-12
MEDIUM
6.5
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-31621
2024-04-29
HIGH
7.6
An issue in FlowiseAI Inc Flowise v.1.6.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the api/v1 component.
CVE-2024-23076
2024-04-10
HIGH
7.5
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleXYItemLabelGenerator.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to…
CVE-2024-34047
2024-04-30
MEDIUM
4.3
O-RAN RIC I-Release e2mgr lacks array size checks in RicServiceUpdateHandler.
CVE-2024-34048
2024-04-30
CRITICAL
9.8
O-RAN RIC I-Release e2mgr lacks array size checks in E2nodeConfigUpdateNotificationHandler.
CVE-2024-34049
2024-04-30
HIGH
7.5
Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return plmnIdString[0:3], plmnIdString[3:]" in reader.go.
CVE-2023-4709
2023-09-01
LOW
3.1
A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of…
CVE-2025-48794
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48793
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48792
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48791
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48790
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48789
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48788
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48787
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-48786
2025-05-27
N/A
0.0
Rejected reason: Not used
CVE-2025-46337
2025-05-01
CRITICAL
10.0
ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow…
CVE-2024-13176
2025-01-20
MEDIUM
4.1
Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations…
CVE-2025-4035
2025-04-29
MEDIUM
4.3
A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two…
CVE-2025-37902
2025-05-20
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-37753
2025-05-01
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-36907
2024-05-30
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-1926
2025-03-10
MEDIUM
4.3
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.8. This…
CVE-2024-13228
2025-03-11
MEDIUM
4.3
The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubely_get_content'. This makes…
CVE-2025-2206
2025-03-11
LOW
2.4
A vulnerability classified as problematic has been found in aitangbao springboot-manager 3.0. This affects an unknown part of the file /sys/permission. The manipulation of the argument name leads…
CVE-2024-13703
2025-03-13
MEDIUM
4.3
The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_ajax_toggle_ae() function in…
CVE-2025-1561
2025-03-13
HIGH
7.2
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 4.4.10 due…
« Anterior
Página 1162 de 4309
Siguiente »
Page load link
Go to Top
