Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2026-44807
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44805
2026-06-09
MEDIUM
5.5
Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally.
CVE-2026-44804
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44803
2026-06-09
HIGH
7.8
Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2026-44802
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-44801
2026-06-09
HIGH
7.5
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-44799
2026-06-09
HIGH
7.5
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42993
2026-06-09
HIGH
7.5
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42992
2026-06-09
HIGH
7.5
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42991
2026-06-09
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-42989
2026-06-09
HIGH
7.8
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
CVE-2026-42987
2026-06-09
HIGH
8.1
Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.
CVE-2026-42986
2026-06-09
HIGH
7.8
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2026-42985
2026-06-09
HIGH
8.8
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42984
2026-06-09
HIGH
7.0
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-42983
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-42981
2026-06-09
HIGH
8.1
Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.
CVE-2026-42980
2026-06-09
HIGH
7.8
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-42979
2026-06-09
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-42978
2026-06-09
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-42977
2026-06-09
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-42974
2026-06-09
HIGH
8.1
Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.
CVE-2026-42973
2026-06-09
MEDIUM
5.5
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42972
2026-06-09
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
CVE-2026-42971
2026-06-09
MEDIUM
5.5
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42970
2026-06-09
MEDIUM
5.5
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42969
2026-06-09
MEDIUM
5.5
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
CVE-2026-42968
2026-06-09
MEDIUM
5.5
Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.
CVE-2026-42916
2026-06-09
HIGH
7.8
Integer underflow (wrap or wraparound) in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-42915
2026-06-09
MEDIUM
5.7
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network.
CVE-2026-42914
2026-06-09
MEDIUM
5.3
Windows Kerberos Denial of Service Vulnerability
CVE-2026-42913
2026-06-09
HIGH
7.5
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42912
2026-06-09
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
CVE-2026-42911
2026-06-09
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-42910
2026-06-09
HIGH
7.8
Out-of-bounds write in Windows Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally.
CVE-2026-42909
2026-06-09
HIGH
7.5
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-42908
2026-06-09
HIGH
7.5
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.
CVE-2026-42907
2026-06-09
MEDIUM
6.5
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
CVE-2026-42906
2026-06-09
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
CVE-2026-42905
2026-06-09
HIGH
7.8
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
CVE-2026-42904
2026-06-09
CRITICAL
9.6
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.
CVE-2026-42903
2026-06-09
MEDIUM
6.5
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.
CVE-2026-42902
2026-06-09
HIGH
7.8
Improper authorization in Microsoft PowerToys allows an authorized attacker to elevate privileges locally.
CVE-2026-42837
2026-06-09
HIGH
7.8
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-42836
2026-06-09
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-42835
2026-06-09
HIGH
8.1
Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network.
CVE-2026-42829
2026-06-09
HIGH
7.8
Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.
CVE-2026-42828
2026-06-09
HIGH
7.8
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-41108
2026-06-09
HIGH
7.0
Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally.
CVE-2026-41098
2026-06-09
HIGH
8.4
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.
« Anterior
Página 118 de 4520
Siguiente »
Page load link
Go to Top