Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2026-45502
2026-06-09
MEDIUM
5.0
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
CVE-2026-45500
2026-06-09
MEDIUM
6.1
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-45491
2026-06-09
MEDIUM
6.2
Improper link resolution before file access ('link following') in .NET allows an unauthorized attacker to perform tampering locally.
CVE-2026-45490
2026-06-09
HIGH
7.8
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
CVE-2026-45487
2026-06-09
HIGH
7.8
Time-of-check time-of-use (TOCTOU) race condition in Program Compatibility Assistant Service allows an authorized attacker to elevate privileges locally.
CVE-2026-45486
2026-06-09
HIGH
7.8
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45485
2026-06-09
LOW
3.3
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-45484
2026-06-09
HIGH
8.8
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
CVE-2026-45483
2026-06-09
MEDIUM
4.6
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network.
CVE-2026-45482
2026-06-09
HIGH
8.4
Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-45481
2026-06-09
HIGH
7.3
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45479
2026-06-09
MEDIUM
4.6
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45476
2026-06-09
HIGH
8.2
Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-45475
2026-06-09
HIGH
7.8
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45474
2026-06-09
HIGH
8.4
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45472
2026-06-09
HIGH
8.4
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45471
2026-06-09
HIGH
7.8
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45469
2026-06-09
HIGH
7.8
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-45468
2026-06-09
MEDIUM
4.6
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45467
2026-06-09
MEDIUM
4.6
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45466
2026-06-09
LOW
3.3
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-45465
2026-06-09
MEDIUM
5.4
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45464
2026-06-09
MEDIUM
5.4
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45463
2026-06-09
HIGH
8.4
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45462
2026-06-09
MEDIUM
4.6
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-45461
2026-06-09
HIGH
8.4
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45460
2026-06-09
MEDIUM
4.7
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-45459
2026-06-09
LOW
3.3
Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-45458
2026-06-09
HIGH
8.4
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45457
2026-06-09
HIGH
7.8
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-45456
2026-06-09
HIGH
8.4
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-45455
2026-06-09
LOW
3.3
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2026-45454
2026-06-09
MEDIUM
6.5
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-45453
2026-06-09
MEDIUM
5.4
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2026-44824
2026-06-09
HIGH
7.8
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44823
2026-06-09
HIGH
7.8
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44822
2026-06-09
HIGH
8.2
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2026-44821
2026-06-09
MEDIUM
5.5
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-44820
2026-06-09
HIGH
7.8
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44819
2026-06-09
HIGH
7.8
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-44818
2026-06-09
HIGH
7.0
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44817
2026-06-09
HIGH
7.8
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-44815
2026-06-09
CRITICAL
9.8
Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44814
2026-06-09
MEDIUM
5.5
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
CVE-2026-44813
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44812
2026-06-09
HIGH
7.8
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2026-44811
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44810
2026-06-09
HIGH
8.4
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.
CVE-2026-44809
2026-06-09
HIGH
7.8
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-44808
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
« Anterior
Página 117 de 4520
Siguiente »
Page load link
Go to Top