Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-54313
2025-07-19
HIGH
7.5
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes…
CVE-2025-7834
2025-07-19
MEDIUM
4.3
A vulnerability, which was classified as problematic, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function.…
CVE-2025-7833
2025-07-19
HIGH
7.3
A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some…
CVE-2025-7832
2025-07-19
HIGH
7.3
A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the…
CVE-2025-7831
2025-07-19
HIGH
7.3
A vulnerability classified as critical has been found in code-projects Church Donation System 1.0. This affects an unknown part of…
CVE-2025-7830
2025-07-19
HIGH
7.3
A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue…
CVE-2025-7829
2025-07-19
HIGH
7.3
A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability…
CVE-2025-7824
2025-07-19
HIGH
7.3
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing…
CVE-2025-7823
2025-07-19
HIGH
7.3
A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of…
CVE-2025-7819
2025-07-19
LOW
2.4
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been classified as problematic. This affects an…
CVE-2025-7818
2025-07-19
LOW
3.5
A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this issue is…
CVE-2025-7817
2025-07-19
LOW
3.5
A vulnerability has been found in PHPGurukul Apartment Visitors Management System 1.0 and classified as problematic. Affected by this vulnerability…
CVE-2025-38351
2025-07-19
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In…
CVE-2015-10139
2025-07-19
HIGH
8.8
The WPLMS theme for WordPress is vulnerable to Privilege Escalation in versions 1.5.2 to 1.8.4.1 via the 'wp_ajax_import_data' AJAX action.…
CVE-2015-10138
2025-07-19
CRITICAL
9.8
The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type…
CVE-2025-7816
2025-07-19
LOW
3.5
A vulnerability, which was classified as problematic, was found in PHPGurukul Apartment Visitors Management System 1.0. Affected is an unknown…
CVE-2025-7815
2025-07-19
LOW
2.4
A vulnerability, which was classified as problematic, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects…
CVE-2016-15043
2025-07-19
CRITICAL
9.8
The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in…
CVE-2015-10136
2025-07-19
HIGH
7.5
The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before 3.0 via the 'fileid' parameter. This…
CVE-2015-10135
2025-07-19
CRITICAL
9.8
The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation…
CVE-2015-10134
2025-07-19
HIGH
7.5
The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to, and including, 2.7.10. via…
CVE-2015-10133
2025-07-19
HIGH
7.2
The Subscribe to Comments for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.1.2 via…
CVE-2012-10019
2025-07-19
CRITICAL
9.8
The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via…
CVE-2025-6997
2025-07-19
MEDIUM
6.4
The ThemeREX Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up…
CVE-2025-38350
2025-07-19
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain…
CVE-2025-6721
2025-07-19
MEDIUM
5.3
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on…
CVE-2025-6720
2025-07-19
MEDIUM
5.3
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on…
CVE-2025-29757
2025-07-19
N/A
0.0
An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud service allowed a malicous attacker with a…
CVE-2025-7697
2025-07-19
CRITICAL
9.8
The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP…
CVE-2025-7696
2025-07-19
CRITICAL
9.8
The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object…
CVE-2025-7669
2025-07-19
MEDIUM
6.1
The Avishi WP PayPal Payment Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,…
CVE-2025-7661
2025-07-19
MEDIUM
6.4
The Partnerský systém Martinus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'martinus' shortcode in all…
CVE-2025-7658
2025-07-19
MEDIUM
6.4
The Temporarily Hidden Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'temphc-start' shortcode in all…
CVE-2025-7655
2025-07-19
MEDIUM
6.4
The Live Stream Badger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'livestream' shortcode in all…
CVE-2025-7653
2025-07-19
MEDIUM
6.4
The EPay.bg Payments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'epay' shortcode in all versions…
CVE-2025-52924
2025-07-19
MEDIUM
4.0
In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted…
CVE-2025-54309
2025-07-18
CRITICAL
9.0
CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and…
CVE-2025-7396
2025-07-18
N/A
0.0
In wolfSSL release 5.8.2 blinding support is turned on by default for Curve25519 in applicable builds. The blinding configure option…
CVE-2025-7395
2025-07-18
N/A
0.0
A certificate verification error in wolfSSL when building with the WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION options results in the wolfSSL client failing…
CVE-2025-7394
2025-07-18
N/A
0.0
In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for…
CVE-2025-27210
2025-07-18
HIGH
7.5
An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX.…
CVE-2025-27209
2025-07-18
HIGH
7.5
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the…
CVE-2025-7814
2025-07-18
HIGH
7.3
A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of…
CVE-2025-7807
2025-07-18
HIGH
8.8
A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter…
CVE-2025-7806
2025-07-18
HIGH
8.8
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file…
CVE-2025-50583
2025-07-18
N/A
0.0
StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Student module.
CVE-2025-50582
2025-07-18
N/A
0.0
StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Course module.
CVE-2025-50581
2025-07-18
N/A
0.0
MRCMS v3.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/group/save.do.
CVE-2025-7805
2025-07-18
HIGH
8.8
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file…
CVE-2025-7803
2025-07-18
LOW
3.5
A vulnerability was found in descreekert wx-discuz up to 12bd4745c63ec203cb32119bf77ead4a923bf277. It has been classified as problematic. This affects the function…
« Anterior
Página 141 de 3468
Siguiente »
Page load link
Go to Top
