Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-38293
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix node corruption in ar->arvifs list In current…
CVE-2025-38292
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb…
CVE-2025-38291
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Prevent sending WMI commands to firmware during firmware…
CVE-2025-38290
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar->arvifs list In current…
CVE-2025-38288
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels Correct…
CVE-2025-38287
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg…
CVE-2025-38286
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: pinctrl: at91: Fix possible out-of-boundary access at91_gpio_probe() doesn't check that…
CVE-2025-38285
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN() in get_bpf_raw_tp_regs syzkaller reported an issue: WARNING:…
CVE-2025-38284
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: configure manual DAC mode via PCI config…
CVE-2025-38283
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: bugfix live migration function without VF device driver If…
CVE-2025-38282
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: kernfs: Relax constraint in draining guard The active reference lifecycle…
CVE-2025-38281
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Add NULL check in mt7996_thermal_init devm_kasprintf() can…
CVE-2025-38280
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid __bpf_prog_ret0_warn when jit fails syzkaller reported an issue:…
CVE-2025-38278
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback This patch addresses below issues,…
CVE-2025-38277
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: mtd: nand: ecc-mxic: Fix use of uninitialized variable ret If…
CVE-2025-38276
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fix "don't skip locked entries when scanning entries" Commit…
CVE-2025-38275
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug The qmp_usb_iomap()…
CVE-2025-38274
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt() fpga_mgr_test_img_load_sgt() allocates…
CVE-2025-38273
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix refcount warning in tipc_aead_encrypt syzbot reported a…
CVE-2025-38272
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net: dsa: b53: do not enable EEE on bcm63xx BCM63xx…
CVE-2025-38271
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net: prevent a NULL deref in rtnl_create_link() At the time…
CVE-2025-38270
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net: drv: netdevsim: don't napi_complete() from netpoll netdevsim supports netpoll.…
CVE-2025-38269
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: btrfs: exit after state insertion failure at btrfs_convert_extent_bit() If insert_state()…
CVE-2025-38268
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work A state…
CVE-2025-38267
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun When…
CVE-2025-38266
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms…
CVE-2025-38265
2025-07-10
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: serial: jsm: fix NPE during jsm_uart_port_init No device was set…
CVE-2025-32989
2025-07-10
MEDIUM
5.3
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension…
CVE-2025-32988
2025-07-10
MEDIUM
6.5
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export…
CVE-2025-7387
2025-07-10
MEDIUM
5.5
The Lana Downloads Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the endpoint parameters in versions up…
CVE-2023-50458
2025-07-10
LOW
3.5
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about other users' jobs.
CVE-2025-46406
2025-07-10
MEDIUM
5.6
A Privilege Context Switching Error (CWE-270) in the Command Center Server could allow a privileged Operator with high level access…
CVE-2025-44003
2025-07-10
MEDIUM
4.3
Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allows an attacker with physical access to…
CVE-2025-35983
2025-07-10
MEDIUM
6.5
Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial…
CVE-2025-5807
2025-07-10
MEDIUM
6.1
The Gwolle Guestbook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gwolle_gb_content’ parameter in all versions up…
CVE-2025-4406
2025-07-10
MEDIUM
5.4
The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up…
CVE-2025-6976
2025-07-09
MEDIUM
6.4
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
CVE-2025-6975
2025-07-09
MEDIUM
6.1
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the…
CVE-2025-6970
2025-07-09
HIGH
7.5
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the…
CVE-2025-0141
2025-07-09
N/A
0.0
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on enables a locally authenticated non administrative user…
CVE-2025-0140
2025-07-09
N/A
0.0
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally…
CVE-2025-0139
2025-07-09
N/A
0.0
An incorrect privilege assignment vulnerability in Palo Alto Networks Autonomous Digital Experience Manager allows a locally authenticated low privileged user…
CVE-2025-6377
2025-07-09
N/A
0.0
A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write…
CVE-2025-6376
2025-07-09
N/A
0.0
A remote code execution security issue exists in the Rockwell Automation Arena®. A crafted DOE file can force Arena Simulation to write…
CVE-2025-53624
2025-07-09
CRITICAL
10.0
The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists…
CVE-2025-52357
2025-07-09
MEDIUM
4.1
Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router (firmware V2.2.14), allowing an authenticated attacker…
CVE-2025-53620
2025-07-09
N/A
0.0
@builder.io/qwik-city is the meta-framework for Qwik. When a Qwik Server Action QRL is executed it dynamically load the file containing…
CVE-2025-36599
2025-07-09
MEDIUM
4.3
Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Insertion of Sensitive Information into Log File vulnerability. A low…
CVE-2021-27961
2025-07-09
MEDIUM
6.5
evesys 7.1 (2152) through 8.0 (2202) allows Reflected XSS via the indexeva.php action parameter.
CVE-2025-53548
2025-07-09
HIGH
7.5
Clerk helps developers build user management. Applications that use the verifyWebhook() helper to verify incoming Clerk webhooks are susceptible to…
« Anterior
Página 164 de 3469
Siguiente »
Page load link
Go to Top
