Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-8189
2025-07-26
MEDIUM
6.3
A vulnerability classified as critical was found in Campcodes Courier Management System 1.0. This vulnerability affects unknown code of the…
CVE-2025-8188
2025-07-26
MEDIUM
6.3
A vulnerability classified as critical has been found in Campcodes Courier Management System 1.0. This affects an unknown part of…
CVE-2025-8187
2025-07-26
MEDIUM
6.3
A vulnerability was found in Campcodes Courier Management System 1.0. It has been rated as critical. Affected by this issue…
CVE-2025-8186
2025-07-26
MEDIUM
6.3
A vulnerability was found in Campcodes Courier Management System 1.0. It has been declared as critical. Affected by this vulnerability…
CVE-2025-8185
2025-07-26
HIGH
7.3
A vulnerability was found in 1000 Projects ABC Courier Management System 1.0. It has been classified as critical. Affected is…
CVE-2025-8184
2025-07-26
HIGH
8.8
A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback…
CVE-2025-8182
2025-07-26
MEDIUM
5.6
A vulnerability has been found in Tenda AC18 15.03.05.19 and classified as problematic. This vulnerability affects unknown code of the…
CVE-2025-6991
2025-07-26
HIGH
7.5
The kallyas theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.21.0 via…
CVE-2025-6989
2025-07-26
HIGH
8.1
The Kallyas theme for WordPress is vulnerable to arbitrary folder deletion due to insufficient file path validation in the delete_font()…
CVE-2025-5529
2025-07-26
MEDIUM
6.4
The Educenter theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Circle Counter Block in all versions up…
CVE-2025-8181
2025-07-26
HIGH
7.2
A vulnerability, which was classified as critical, was found in TOTOLINK N600R and X2000R 1.0.0.1. This affects an unknown part…
CVE-2025-8180
2025-07-26
HIGH
8.8
A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the…
CVE-2025-8097
2025-07-26
MEDIUM
5.3
The WoodMart theme for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 8.2.6. This…
CVE-2025-7501
2025-07-26
MEDIUM
6.4
The Wonder Slider Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image title and description DOM in…
CVE-2025-6987
2025-07-26
MEDIUM
6.4
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions…
CVE-2025-8198
2025-07-26
HIGH
7.5
The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable to price manipulation in all versions…
CVE-2025-8179
2025-07-26
HIGH
7.3
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability…
CVE-2025-8178
2025-07-26
HIGH
8.8
A vulnerability classified as critical has been found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file…
CVE-2025-6895
2025-07-26
CRITICAL
9.8
The Melapress Login Security plugin for WordPress is vulnerable to Authentication Bypass due to missing authorization within the get_valid_user_based_on_token() function…
CVE-2025-8177
2025-07-26
MEDIUM
5.3
A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function…
CVE-2025-8176
2025-07-26
MEDIUM
5.3
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function…
CVE-2025-8103
2025-07-26
MEDIUM
4.3
The WPeMatico RSS Feed Fetcher plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and…
CVE-2025-54416
2025-07-26
CRITICAL
9.1
tj-actions/branch-names is a Github actions repository that contains workflows to retrieve branch or tag names with support for all events.…
CVE-2025-54415
2025-07-26
N/A
0.0
dag-factory is a library for Apache Airflow® to construct DAGs declaratively via configuration files. In versions 0.23.0a8 and below, a…
CVE-2025-54414
2025-07-26
N/A
0.0
Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in…
CVE-2025-54413
2025-07-26
N/A
0.0
skops is a Python library which helps users share and ship their scikit-learn based models. Versions 0.11.0 and below contain…
CVE-2025-54412
2025-07-26
N/A
0.0
skops is a Python library which helps users share and ship their scikit-learn based models. Versions 0.11.0 and below contain…
CVE-2025-54385
2025-07-26
N/A
0.0
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions between…
CVE-2025-54380
2025-07-26
MEDIUM
6.5
Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6,…
CVE-2025-54378
2025-07-26
HIGH
8.3
HAX CMS allows you to manage your microsite universe with PHP or NodeJs backends. In versions 11.0.13 and below of…
CVE-2025-54366
2025-07-26
N/A
0.0
FreeScout is a lightweight free open source help desk and shared inbox built with PHP (Laravel framework). In versions 1.8.185…
CVE-2025-50185
2025-07-26
N/A
0.0
DbGate is cross-platform database manager. In versions 6.6.0 and below, DbGate allows unauthorized file access due to insufficient validation of…
CVE-2025-50184
2025-07-26
N/A
0.0
DbGate is cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file…
CVE-2024-13507
2025-07-26
HIGH
7.5
The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to time-based SQL Injection…
CVE-2025-8175
2025-07-26
MEDIUM
6.5
A vulnerability was found in D-Link DI-8400 16.07.26A1. It has been classified as problematic. This affects an unknown part of…
CVE-2025-8174
2025-07-26
MEDIUM
6.3
A vulnerability was found in code-projects Voting System 1.0 and classified as critical. Affected by this issue is some unknown…
CVE-2023-2274
2025-07-26
N/A
0.0
Rejected reason: This CVE assignment was considered invalid after investigation.
CVE-2025-8173
2025-07-25
HIGH
7.3
A vulnerability has been found in 1000 Projects ABC Courier Management System 1.0 and classified as critical. Affected by this…
CVE-2025-8172
2025-07-25
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System 1.0. Affected is an unknown function…
CVE-2025-8171
2025-07-25
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in code-projects Document Management System 1.0. This issue affects some…
CVE-2025-8101
2025-07-25
N/A
0.0
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Linkify (linkifyjs) allows XSS Targeting HTML Attributes and Manipulating…
CVE-2025-8170
2025-07-25
HIGH
8.8
A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file…
CVE-2025-8169
2025-07-25
HIGH
8.8
A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file…
CVE-2025-8166
2025-07-25
HIGH
7.3
A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown…
CVE-2025-52455
2025-07-25
MEDIUM
5.3
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (EPS Server modules) allows Resource Location Spoofing. This…
CVE-2025-52454
2025-07-25
MEDIUM
5.3
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Amazon S3 Connector modules) allows Resource Location Spoofing.…
CVE-2025-52453
2025-07-25
HIGH
8.2
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Data Source modules) allows Resource Location Spoofing.…
CVE-2025-52452
2025-07-25
HIGH
8.5
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc…
CVE-2025-45960
2025-07-25
MEDIUM
6.1
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web…
CVE-2025-45893
2025-07-25
MEDIUM
6.1
OpenCart version 4.1.0.4 is vulnerable to a Stored Cross-Site Scripting (XSS) attack via SVG file uploads used in blog posts.…
« Anterior
Página 118 de 3462
Siguiente »
Page load link
Go to Top
