CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2024-12348 | 2024-12-09 | LOW | 3.5 | A vulnerability was found in Guizhou Xiaoma Technology jpress 5.1.2. It has been classified as problematic. Affected is the function… |
| CVE-2025-48880 | 2025-05-30 | MEDIUM | 6.6 | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, when an administrative account is a… |
| CVE-2025-48936 | 2025-05-30 | HIGH | 8.1 | Zitadel is open-source identity infrastructure software. Prior to versions 2.70.12, 2.71.10, and 3.2.2, a potential vulnerability exists in the password… |
| CVE-2025-4943 | 2025-05-30 | MEDIUM | 6.4 | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in… |
| CVE-2025-4431 | 2025-05-30 | MEDIUM | 4.3 | The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to unauthorized modification of… |
| CVE-2025-5236 | 2025-05-30 | MEDIUM | 6.4 | The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘username’ parameter in all… |
| CVE-2025-48334 | 2025-05-30 | MEDIUM | 6.5 | Missing Authorization vulnerability in BinaryCarpenter Woo Slider Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woo Slider… |
| CVE-2025-48912 | 2025-05-30 | MEDIUM | 6.5 | An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields.… |
| CVE-2025-5142 | 2025-05-30 | MEDIUM | 6.5 | The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and… |
| CVE-2025-5235 | 2025-05-30 | MEDIUM | 6.4 | The OpenSheetMusicDisplay plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter in all versions up to,… |
| CVE-2025-5576 | 2025-06-04 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in PHPGurukul Dairy Farm Shop Management System 1.3. This issue… |
| CVE-2025-5577 | 2025-06-04 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System 1.3. Affected is an… |
| CVE-2025-5579 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this issue… |
| CVE-2025-5578 | 2025-06-04 | HIGH | 7.3 | A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this… |
| CVE-2024-5407 | 2024-05-27 | CRITICAL | 10.0 | A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow… |
| CVE-2025-5603 | 2025-06-04 | HIGH | 7.3 | A vulnerability has been found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is… |
| CVE-2025-5602 | 2025-06-04 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in Campcodes Hospital Management System 1.0. Affected is an unknown function… |
| CVE-2024-11000 | 2024-11-08 | MEDIUM | 4.7 | A vulnerability classified as problematic was found in CodeAstro Real Estate Management System 1.0. Affected by this vulnerability is an… |
| CVE-2024-10999 | 2024-11-08 | MEDIUM | 4.7 | A vulnerability classified as problematic has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function… |
| CVE-2024-1103 | 2024-01-31 | LOW | 3.5 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this… |
| CVE-2025-21479 | 2025-06-03 | HIGH | 8.6 | Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. |
| CVE-2025-5581 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects… |
| CVE-2025-5582 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects… |
| CVE-2025-5583 | 2025-06-04 | HIGH | 7.3 | A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function… |
| CVE-2025-5580 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an… |
| CVE-2024-33526 | 2024-05-21 | HIGH | 7.1 | A Stored Cross-site Scripting (XSS) vulnerability in the "Import of user role and title of user role" feature in ILIAS… |
| CVE-2024-33527 | 2024-05-21 | MEDIUM | 5.4 | A Stored Cross-site Scripting (XSS) vulnerability in the "Import of Users and login name of user" feature in ILIAS 7… |
| CVE-2024-33528 | 2024-05-21 | MEDIUM | 4.7 | A Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers… |
| CVE-2024-33529 | 2024-05-21 | HIGH | 7.2 | ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative… |
| CVE-2024-48905 | 2025-05-01 | CRITICAL | 9.1 | Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint. |
| CVE-2024-48906 | 2025-05-01 | MEDIUM | 6.1 | Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name. |
| CVE-2024-48907 | 2025-05-01 | HIGH | 7.5 | Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API. |
| CVE-2023-35712 | 2024-05-03 | HIGH | 7.8 | Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code… |
| CVE-2023-35710 | 2024-05-03 | HIGH | 7.8 | Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected… |
| CVE-2025-45800 | 2025-05-02 | CRITICAL | 9.8 | TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/global.so library, specifically in the processing… |
| CVE-2025-44900 | 2025-05-06 | MEDIUM | 6.5 | In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads… |
| CVE-2025-44899 | 2025-05-06 | CRITICAL | 9.8 | There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasic function of the web url /goform/ WifiGuestSet,… |
| CVE-2024-36650 | 2024-06-11 | HIGH | 7.5 | TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the… |
| CVE-2025-21480 | 2025-06-03 | HIGH | 8.6 | Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. |
| CVE-2023-34302 | 2024-05-03 | HIGH | 7.8 | Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary… |
| CVE-2025-27038 | 2025-06-03 | HIGH | 7.5 | Memory corruption while rendering graphics using Adreno GPU drivers in Chrome. |
| CVE-2024-32674 | 2024-05-08 | MEDIUM | 5.4 | Heateor Social Login WordPress prior to 1.1.32 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script… |
| CVE-2024-27731 | 2024-08-15 | MEDIUM | 6.1 | Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file… |
| CVE-2024-27730 | 2024-08-15 | CRITICAL | 9.8 | Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the… |
| CVE-2024-27728 | 2024-08-15 | MEDIUM | 6.1 | Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the text parameter of… |
| CVE-2025-5688 | 2025-06-04 | N/A | 0.0 | We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS… |
| CVE-2025-5596 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function… |
| CVE-2025-5595 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of… |
| CVE-2025-20279 | 2025-06-04 | MEDIUM | 4.8 | A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a… |
| CVE-2025-20278 | 2025-06-04 | MEDIUM | 6.0 | A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary… |