Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Vulnerabilidades CVE
Todos el contenido
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Noticias
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-61431
2025-11-04
MEDIUM
6.1
A reflected cross-site scripted (XSS) vulnerability in the /jsp/gsfr_feditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchetti v4.1 and earlier allows attackers to execute arbitrary Javascript in the…
CVE-2025-56230
2025-11-04
HIGH
7.5
Tencent Docs Desktop 3.9.20 and earlier suffers from Missing SSL Certificate Validation in the update component.
CVE-2025-54526
2025-11-04
HIGH
7.8
Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code.
CVE-2025-54496
2025-11-04
HIGH
7.8
A maliciously crafted project file may cause a heap-based buffer overflow in Fuji Electric Monitouch V-SFT-6, which may allow the attacker to execute arbitrary code.
CVE-2025-54335
2025-11-04
MEDIUM
6.5
An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver.
CVE-2025-54327
2025-11-04
MEDIUM
6.5
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads…
CVE-2025-52512
2025-11-04
HIGH
7.5
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in out-of-bounds memory access, leading to a denial…
CVE-2025-49494
2025-11-04
HIGH
7.5
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem. Mishandling of an 5G NRMM packet leads to a Denial of Service.
CVE-2025-27374
2025-11-04
MEDIUM
5.3
An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480,…
CVE-2025-20743
2025-11-04
MEDIUM
4.2
In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already…
CVE-2025-10875
2025-11-04
MEDIUM
6.5
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Code Injection.This issue affects Mulesoft Anypoint Code Builder: before 1.11.6.
CVE-2024-56426
2025-11-04
HIGH
7.5
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack…
CVE-2025-55155
2025-11-04
MEDIUM
5.4
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, when a user edits their profile to change their e-mail address, the system…
CVE-2025-54334
2025-11-04
HIGH
7.5
An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Dereference of hdev…
CVE-2025-54333
2025-11-04
MEDIUM
5.3
An issue was discovered in NPU in Samsung Mobile Processor Exynos through July 2025. There is an Invalid Pointer Dereference of node in the get_vs4l_profiler_node function.
CVE-2025-54325
2025-11-04
MEDIUM
5.3
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1080, 1280, 2200, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000. A race condition…
CVE-2025-54332
2025-11-04
HIGH
7.5
An issue was discovered in NPU in Samsung Mobile Processor Exynos through July 2025. There is a NULL Pointer Dereference of profiler.node in the npu_vertex_profileoff function.
CVE-2025-54331
2025-11-04
MEDIUM
5.3
An issue was discovered in NPU in Samsung Mobile Processor Exynos through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function.
CVE-2025-54323
2025-11-04
HIGH
7.5
An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and 1580. Improper debug printing…
CVE-2025-48884
2025-11-04
N/A
0.0
Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette's Document Type is vulnerable to Cross-site Scripting. This issue is fixed…
CVE-2025-48076
2025-11-04
N/A
0.0
Galette is a membership management web application for non profit organizations. Versions 1.1.5.2 and below allow a user to edit a group name and insert an XSS payload.…
CVE-2025-47776
2025-11-04
N/A
0.0
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Due to incorrect use of loose (==) instead of strict (===) comparison in the authentication code in versions…
CVE-2025-52513
2025-11-04
HIGH
7.5
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial…
CVE-2025-43462
2025-11-04
HIGH
7.5
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1, visionOS 26.1. An app may be…
CVE-2025-43454
2025-11-04
HIGH
7.5
This issue was addressed through improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1. A device may persistently fail to lock.
CVE-2025-32786
2025-11-04
HIGH
7.5
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is…
CVE-2025-20745
2025-11-04
MEDIUM
4.2
In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained…
CVE-2025-20744
2025-11-04
MEDIUM
4.2
In pda, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already…
CVE-2025-43399
2025-11-04
HIGH
7.5
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to access protected user data.
CVE-2025-20734
2025-11-04
MEDIUM
5.3
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a…
CVE-2025-20732
2025-11-04
MEDIUM
5.3
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a…
CVE-2025-20731
2025-11-04
MEDIUM
5.3
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a…
CVE-2025-20729
2025-11-04
MEDIUM
4.2
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a…
CVE-2025-43458
2025-11-04
MEDIUM
4.3
This issue was addressed through improved state management. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. Processing maliciously…
CVE-2025-43336
2025-11-04
MEDIUM
4.4
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app with root privileges may be able to…
CVE-2025-33176
2025-11-04
MEDIUM
6.2
NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. A successful exploit of this…
CVE-2025-23358
2025-11-04
HIGH
8.2
NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might…
CVE-2025-43476
2025-11-04
HIGH
7.8
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to break out of…
CVE-2025-43407
2025-11-04
HIGH
7.8
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1, tvOS 26.1. An…
CVE-2025-43398
2025-11-04
MEDIUM
5.5
The issue was addressed with improved memory handling. This issue is fixed in visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, watchOS 26.1, iOS 26.1 and iPadOS 26.1,…
CVE-2025-43395
2025-11-04
LOW
3.3
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access protected…
CVE-2025-43335
2025-11-04
MEDIUM
5.5
The issue was addressed by adding additional logic. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to access user-sensitive data.
CVE-2025-12108
2025-11-04
N/A
0.0
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check.
CVE-2025-43435
2025-11-04
MEDIUM
4.3
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. Processing maliciously…
CVE-2025-43498
2025-11-04
MEDIUM
5.5
An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, visionOS 26.1. An…
CVE-2025-43436
2025-11-04
HIGH
7.5
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1, visionOS 26.1. An app may be…
CVE-2025-43438
2025-11-04
MEDIUM
4.3
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Processing maliciously crafted…
CVE-2025-43348
2025-11-04
MEDIUM
5.5
A logic issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may bypass Gatekeeper checks.
CVE-2025-43396
2025-11-04
MEDIUM
5.5
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. A sandboxed app may be able to access sensitive…
CVE-2025-43477
2025-11-04
MEDIUM
5.5
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be…
« Anterior
Página 12 de 3627
Siguiente »
Page load link
Go to Top
