CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2025-53872 | 2025-07-12 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-53871 | 2025-07-12 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-5199 | 2025-07-12 | HIGH | 7.3 | In Canonical Multipass up to and including version 1.15.1 on macOS, incorrect default permissions allow a local attacker to escalate… |
| CVE-2025-7460 | 2025-07-11 | HIGH | 8.8 | A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function… |
| CVE-2025-53636 | 2025-07-11 | MEDIUM | 5.4 | Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many… |
| CVE-2025-7459 | 2025-07-11 | HIGH | 7.3 | A vulnerability classified as critical was found in code-projects Mobile Shop 1.0. This vulnerability affects unknown code of the file… |
| CVE-2025-7457 | 2025-07-11 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in Campcodes Online Movie Theater Seat Reservation System 1.0. This affects… |
| CVE-2025-7456 | 2025-07-11 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected… |
| CVE-2025-7455 | 2025-07-11 | HIGH | 7.3 | A vulnerability classified as critical was found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected by this vulnerability… |
| CVE-2025-30403 | 2025-07-11 | HIGH | 8.1 | A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst… |
| CVE-2025-52089 | 2025-07-11 | MEDIUM | 5.4 | A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker… |
| CVE-2025-48924 | 2025-07-11 | MEDIUM | 6.5 | Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.commons:commons-lang3… |
| CVE-2025-7503 | 2025-07-11 | N/A | 0.0 | An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with undocumented, default… |
| CVE-2025-7454 | 2025-07-11 | HIGH | 7.3 | A vulnerability classified as critical has been found in Campcodes Online Movie Theater Seat Reservation System 1.0. Affected is an… |
| CVE-2025-7453 | 2025-07-11 | LOW | 3.7 | A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It has been rated as problematic. This issue affects the… |
| CVE-2025-3631 | 2025-07-11 | MEDIUM | 6.5 | An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA… |
| CVE-2025-30402 | 2025-07-11 | HIGH | 8.1 | A heap-buffer-overflow vulnerability in the loading of ExecuTorch methods can cause the runtime to crash and potentially result in code… |
| CVE-2013-3307 | 2025-07-11 | HIGH | 8.3 | Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell… |
| CVE-2025-7452 | 2025-07-11 | MEDIUM | 6.3 | A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63. It has been declared as critical. This vulnerability affects the… |
| CVE-2025-53642 | 2025-07-11 | MEDIUM | 4.8 | haxcms-nodejs and haxcms-php are backends for HAXcms. The logout function within the application does not terminate a user's session or… |
| CVE-2025-53641 | 2025-07-11 | HIGH | 8.2 | Postiz is an AI social media scheduling tool. From 1.45.1 to 1.62.3, the Postiz frontend application allows an attacker to… |
| CVE-2025-45582 | 2025-07-11 | MEDIUM | 4.1 | GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First,… |
| CVE-2025-53519 | 2025-07-11 | MEDIUM | 5.4 | A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS)… |
| CVE-2025-41442 | 2025-07-11 | MEDIUM | 5.4 | A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting (XSS)… |
| CVE-2025-45662 | 2025-07-10 | MEDIUM | 6.1 | A cross-site scripting (XSS) vulnerability in the component /master/login.php of mpgram-web commit 94baadb allows attackers to execute arbitrary Javascript in… |
| CVE-2025-28245 | 2025-07-10 | MEDIUM | 6.1 | Cross-site scripting (XSS) vulnerability in Alteryx Server 2023.1.1.460 allows remote attackers to inject arbitrary web script or HTML via the… |
| CVE-2025-7450 | 2025-07-11 | MEDIUM | 5.4 | A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It has been classified as critical. This affects the function… |
| CVE-2025-47964 | 2025-07-11 | MEDIUM | 5.4 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2025-47963 | 2025-07-11 | MEDIUM | 6.3 | No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2025-47182 | 2025-07-11 | MEDIUM | 5.6 | Improper input validation in Microsoft Edge (Chromium-based) allows an authorized attacker to bypass a security feature locally. |
| CVE-2025-43856 | 2025-07-11 | N/A | 0.0 | immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking… |
| CVE-2024-47065 | 2025-07-11 | N/A | 0.0 | Meshtastic is an open source mesh networking solution. Prior to 2.5.1, traceroute responses from the remote node are not rate… |
| CVE-2025-7029 | 2025-07-11 | N/A | 0.0 | A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is… |
| CVE-2025-7028 | 2025-07-11 | N/A | 0.0 | A vulnerability in the Software SMI handler (SwSmiInputValue 0x20) allows a local attacker to supply a crafted pointer (FuncBlock) through… |
| CVE-2025-7027 | 2025-07-11 | N/A | 0.0 | A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control both the read and write… |
| CVE-2025-7026 | 2025-07-11 | HIGH | 8.2 | A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is… |
| CVE-2025-6549 | 2025-07-11 | MEDIUM | 6.5 | An Incorrect Authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based… |
| CVE-2025-52989 | 2025-07-11 | MEDIUM | 5.1 | An Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved allows a… |
| CVE-2025-52988 | 2025-07-11 | MEDIUM | 6.7 | An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper… |
| CVE-2025-52986 | 2025-07-11 | MEDIUM | 5.5 | A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS… |
| CVE-2025-52985 | 2025-07-11 | MEDIUM | 5.3 | A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated,… |
| CVE-2025-52984 | 2025-07-11 | MEDIUM | 5.9 | A NULL Pointer Dereference vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved… |
| CVE-2025-52983 | 2025-07-11 | HIGH | 7.2 | A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows… |
| CVE-2025-52982 | 2025-07-11 | MEDIUM | 5.9 | An Improper Resource Shutdown or Release vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with… |
| CVE-2025-52981 | 2025-07-11 | HIGH | 7.5 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS… |
| CVE-2025-52980 | 2025-07-11 | HIGH | 7.5 | A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300… |
| CVE-2025-52994 | 2025-07-11 | MEDIUM | 4.9 | gif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS Command Injection via a crafted parameter value. This is fixed in 1.7.23-202506081709. |
| CVE-2025-6200 | 2025-07-11 | MEDIUM | 5.9 | The GeoDirectory WordPress plugin before 2.8.120 does not validate and escape some of its shortcode attributes before outputting them back… |
| CVE-2025-52964 | 2025-07-11 | MEDIUM | 6.5 | A Reachable Assertion vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows… |
| CVE-2025-52963 | 2025-07-11 | MEDIUM | 5.5 | An Improper Access Control vulnerability in the User Interface (UI) of Juniper Networks Junos OS allows a local, low-privileged attacker… |