Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-23048
2025-07-10
N/A
0.0
In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is…
CVE-2024-47252
2025-07-10
N/A
0.0
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to…
CVE-2024-43394
2025-07-10
N/A
0.0
Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via …
CVE-2024-43204
2025-07-10
N/A
0.0
SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled…
CVE-2024-42516
2025-07-10
N/A
0.0
HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers…
CVE-2025-6395
2025-07-10
MEDIUM
6.5
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). When it reads certain settings from a…
CVE-2025-7425
2025-07-10
HIGH
7.8
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal…
CVE-2025-7407
2025-07-10
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the…
CVE-2025-53364
2025-07-10
MEDIUM
5.3
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Starting in…
CVE-2025-46789
2025-07-10
MEDIUM
6.5
Classic buffer overflow in certain Zoom Clients for Windows may allow an authorized user to conduct a denial of service…
CVE-2025-46788
2025-07-10
HIGH
7.4
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information…
CVE-2025-6211
2025-07-10
MEDIUM
6.5
A vulnerability in the DocugamiReader class of the run-llama/llama_index repository, up to version 0.12.28, involves the use of MD5 hashing…
CVE-2025-7408
2025-07-10
LOW
3.5
A vulnerability has been found in SourceCodester Zoo Management System 1.0 and classified as problematic. This vulnerability affects unknown code…
CVE-2025-7370
2025-07-10
HIGH
7.5
A flaw was found in libsoup. A NULL pointer dereference vulnerability occurs in libsoup's cookie parsing functionality. When processing a…
CVE-2025-7365
2025-07-10
MEDIUM
5.4
A flaw was found in Keycloak. When an authenticated attacker attempts to merge accounts with another existing account during an…
CVE-2025-6236
2025-07-10
MEDIUM
4.8
The Hostel WordPress plugin before 1.1.5.9 does not sanitise and escape some of its settings, which could allow high privilege…
CVE-2025-46835
2025-07-10
HIGH
8.5
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an…
CVE-2025-6234
2025-07-10
MEDIUM
6.1
The Hostel WordPress plugin before 1.1.5.8 does not sanitise and escape a parameter before outputting it back in the page,…
CVE-2025-46334
2025-07-10
HIGH
8.6
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship…
CVE-2025-44251
2025-07-10
N/A
0.0
Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process.
CVE-2025-38289
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk Smatch detected…
CVE-2025-38279
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking…
CVE-2025-36090
2025-07-10
MEDIUM
4.3
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain information about the application…
CVE-2025-27614
2025-07-10
HIGH
8.6
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a…
CVE-2025-27613
2025-07-10
LOW
3.6
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs…
CVE-2024-39752
2025-07-10
MEDIUM
6.8
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the…
CVE-2024-38327
2025-07-10
MEDIUM
6.8
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an…
CVE-2024-37524
2025-07-10
MEDIUM
5.3
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain sensitive information when a…
CVE-2024-36697
2025-07-10
MEDIUM
6.1
A cross-site scripting (XSS) vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary…
CVE-2025-7424
2025-07-10
HIGH
7.8
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input…
CVE-2025-5040
2025-07-10
HIGH
7.8
A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can…
CVE-2025-5037
2025-07-10
HIGH
7.8
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can…
CVE-2025-32990
2025-07-10
MEDIUM
6.5
A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When…
CVE-2024-7650
2025-07-10
N/A
0.0
Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Services allows Remote Code Inclusion. The vulnerability could…
CVE-2025-6948
2025-07-10
HIGH
8.7
An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1…
CVE-2025-6168
2025-07-10
LOW
2.7
An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that…
CVE-2025-5023
2025-07-10
HIGH
7.1
Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions…
CVE-2025-5022
2025-07-10
MEDIUM
6.5
Weak Password Requirements vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows…
CVE-2025-4972
2025-07-10
LOW
2.7
An issue has been discovered in GitLab EE affecting all versions from 18.0 before 18.0.4 and 18.1 before 18.1.2 that…
CVE-2025-3396
2025-07-10
MEDIUM
4.3
An issue has been discovered in GitLab EE affecting all versions from 13.3 before 17.11.6, 18.0 before 18.0.4, and 18.1…
CVE-2025-38348
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() Robert Morris reported: |If…
CVE-2025-38347
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on ino and xnid…
CVE-2025-38346
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The…
CVE-2025-38345
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi operand cache leak in dswstate.c ACPICA commit…
CVE-2025-38344
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit…
CVE-2025-38343
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA…
CVE-2025-38342
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in software_node_get_reference_args() software_node_get_reference_args() wants…
CVE-2025-38341
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW…
CVE-2025-38340
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test…
CVE-2025-38339
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline arch_bpf_trampoline_size()…
« Anterior
Página 162 de 3469
Siguiente »
Page load link
Go to Top
