Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-45502 2026-06-09 MEDIUM 5.0 Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
CVE-2026-45500 2026-06-09 MEDIUM 6.1 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45491 2026-06-09 MEDIUM 6.2 Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.
CVE-2026-45490 2026-06-09 HIGH 7.8 Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
CVE-2026-45487 2026-06-09 HIGH 7.8 Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally.
CVE-2026-45486 2026-06-09 HIGH 7.8 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45485 2026-06-09 LOW 3.3 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-45484 2026-06-09 HIGH 8.8 Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
CVE-2026-45483 2026-06-09 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network.
CVE-2026-45482 2026-06-09 HIGH 8.4 Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-45481 2026-06-09 HIGH 7.3 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45479 2026-06-09 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45476 2026-06-09 HIGH 8.2 Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-45475 2026-06-09 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45474 2026-06-09 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45472 2026-06-09 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45471 2026-06-09 HIGH 7.8 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45469 2026-06-09 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-45468 2026-06-09 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45467 2026-06-09 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45466 2026-06-09 LOW 3.3 Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-45465 2026-06-09 MEDIUM 5.4 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45464 2026-06-09 MEDIUM 5.4 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45463 2026-06-09 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45462 2026-06-09 MEDIUM 4.6 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45461 2026-06-09 HIGH 8.4 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45460 2026-06-09 MEDIUM 4.7 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-45459 2026-06-09 LOW 3.3 Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-45458 2026-06-09 HIGH 8.4 Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45457 2026-06-09 HIGH 7.8 Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45456 2026-06-09 HIGH 8.4 Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45455 2026-06-09 LOW 3.3 Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2026-45454 2026-06-09 MEDIUM 6.5 Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-45453 2026-06-09 MEDIUM 5.4 Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-44824 2026-06-09 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44823 2026-06-09 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44822 2026-06-09 HIGH 8.2 Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2026-44821 2026-06-09 MEDIUM 5.5 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-44820 2026-06-09 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44819 2026-06-09 HIGH 7.8 Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44818 2026-06-09 HIGH 7.0 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44817 2026-06-09 HIGH 7.8 Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44815 2026-06-09 CRITICAL 9.8 Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44814 2026-06-09 MEDIUM 5.5 Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
CVE-2026-44813 2026-06-09 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44812 2026-06-09 HIGH 7.8 Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2026-44811 2026-06-09 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44810 2026-06-09 HIGH 8.4 Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.
CVE-2026-44809 2026-06-09 HIGH 7.8 Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-44808 2026-06-09 HIGH 7.8 Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
« Anterior Página 117 de 4520 Siguiente »