Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-20018 2025-05-13 HIGH 8.4 Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-20015 2025-05-13 MEDIUM 6.7 Uncontrolled search path element for some Intel(R) Ethernet Connection software before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-20013 2025-05-13 MEDIUM 5.5 Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable information disclosure…
CVE-2025-20012 2025-05-13 MEDIUM 4.9 Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access.
CVE-2025-20009 2025-05-13 MEDIUM 4.1 Improper input validation in the UEFI firmware GenerationSetup module for the Intel(R) Server D50DNP and M50FCP boards may allow a privileged user to potentially enable information disclosure via…
CVE-2025-20008 2025-05-13 HIGH 7.7 Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before version 1.12.0 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-20006 2025-05-13 HIGH 7.4 Use after free for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2025-20004 2025-05-13 HIGH 7.2 Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of…
CVE-2025-20003 2025-05-13 HIGH 8.2 Improper link resolution before file access ('Link Following') for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local…
CVE-2024-48869 2025-05-13 MEDIUM 6.1 Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard…
CVE-2024-47800 2025-05-13 MEDIUM 6.7 Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-47795 2025-05-13 MEDIUM 6.7 Uncontrolled search path for some Intel(R) oneAPI DPC++/C++ Compiler software before version 2025.0.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-47550 2025-05-13 MEDIUM 6.7 Incorrect default permissions for some Endurance Gaming Mode software installers may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-46895 2025-05-13 MEDIUM 6.7 Uncontrolled search path for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 32.0.101.6083/32.0.101.5736 may allow an authenticated user to potentially enable escalation of privilege via local…
CVE-2024-45371 2025-05-13 MEDIUM 6.7 Improper access control for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 32.0.101.6077 may allow an authenticated user to potentially enable denial of service via local…
CVE-2024-45333 2025-05-13 HIGH 7.3 Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service…
CVE-2024-45332 2025-05-13 MEDIUM 5.6 Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user…
CVE-2024-43420 2025-05-13 MEDIUM 5.6 Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may allow an authenticated user to potentially enable information…
CVE-2024-43101 2025-05-13 MEDIUM 5.3 Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow an authenticated user to potentially enable denial of…
CVE-2024-39833 2025-05-13 MEDIUM 6.7 Uncontrolled search path for some Intel(R) QAT software before version 2.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-39758 2025-05-13 MEDIUM 5.9 Improper access control for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 31.0.101.4032 may allow an authenticated user to potentially enable denial of service via local…
CVE-2024-36292 2025-05-13 HIGH 7.3 Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an authenticated user to potentially enable denial of service…
CVE-2024-31150 2025-05-13 LOW 3.8 Out-of-bounds read for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-31073 2025-05-13 MEDIUM 6.7 Uncontrolled search path for some Intel(R) oneAPI Level Zero software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-29222 2025-05-13 MEDIUM 6.1 Out-of-bounds write for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-28956 2025-05-13 MEDIUM 5.6 Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2024-28954 2025-05-13 MEDIUM 6.7 Incorrect default permissions for some Intel(R) Graphics Driver installers may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-28036 2025-05-13 MEDIUM 5.6 Improper conditions check for some Intel(R) Arc™ GPU may allow an authenticated user to potentially enable denial of service via local access.
CVE-2025-46400 2025-04-23 MEDIUM 4.7 In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.
CVE-2025-46399 2025-04-23 MEDIUM 4.7 In xfig diagramming tool, a segmentation fault in fig2dev allows memory corruption via local input manipulation at genge_itp_spline function.
CVE-2025-46398 2025-04-23 MEDIUM 4.7 In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.
CVE-2025-46397 2025-04-23 MEDIUM 4.7 In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function.
CVE-2025-32922 2025-05-15 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in Tobias WP2LEADS allows Stored XSS.This issue affects WP2LEADS: from n/a through 3.5.0.
CVE-2025-30476 2025-05-15 MEDIUM 5.3 Dell PowerScale InsightIQ, version 5.2, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.
CVE-2025-30475 2025-05-15 HIGH 8.1 Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to elevation of…
CVE-2025-26481 2025-05-15 HIGH 7.5 Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to denial of service.
CVE-2024-56006 2025-05-15 MEDIUM 5.3 Missing Authorization vulnerability in Automattic Jetpack Debug Tools.This issue affects Jetpack Debug Tools: from n/a before 2.0.1.
CVE-2024-51666 2025-05-15 MEDIUM 4.3 Missing Authorization vulnerability in Automattic Tours.This issue affects Tours: from n/a through 1.0.0.
CVE-2025-47774 2025-05-15 N/A 0.0 Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the `slice()` builtin can elide side effects when the output…
CVE-2025-47285 2025-05-15 N/A 0.0 Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, `concat()` may skip evaluation of side effects when the length…
CVE-2025-47279 2025-05-15 LOW 3.1 Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are vulnerable. If the attacker…
CVE-2025-44110 2025-05-15 MEDIUM 5.4 FluxBB 1.5.11 is vulnerable to Cross Site Scripting (XSS) in via the Forum Description Field in admin_forums.php.
CVE-2025-43853 2025-05-15 N/A 0.0 The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. Anyone running WAMR…
CVE-2025-47580 2025-05-15 MEDIUM 5.4 Missing Authorization vulnerability in Rustaurius Front End Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Front End Users: from n/a through 3.2.32.
CVE-2025-48051 2025-05-15 MEDIUM 4.7 powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in some applications because of an innerHTML usage pattern in which text is extracted from a DOM node and…
CVE-2025-3440 2025-05-15 MEDIUM 5.5 IBM Security Guardium 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the…
CVE-2025-2570 2025-05-15 LOW 2.7 Mattermost versions 10.5.x
CVE-2025-2527 2025-05-15 MEDIUM 4.3 Mattermost versions 10.5.x
CVE-2025-4701 2025-05-15 MEDIUM 5.3 A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation…
CVE-2025-46052 2025-05-15 CRITICAL 9.8 An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data by injecting a crafted payload into the DEL…
« Anterior Página 1216 de 4310 Siguiente »