Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2024-49784
2025-07-08
MEDIUM
5.3
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES…
CVE-2024-49783
2025-07-08
MEDIUM
5.3
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an…
CVE-2023-43039
2025-07-08
MEDIUM
6.1
IBM OpenPages with Watson 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in…
CVE-2025-7152
2025-07-08
MEDIUM
6.3
A vulnerability classified as critical has been found in Campcodes Advanced Online Voting System 1.0. Affected is an unknown function…
CVE-2025-7153
2025-07-08
LOW
3.5
A vulnerability classified as problematic was found in CodeAstro Simple Hospital Management System 1.0. Affected by this vulnerability is an…
CVE-2025-7363
2025-07-08
N/A
0.0
The TitleIcon extension for MediaWiki is vulnerable to stored XSS through the #titleicon_unicode parser function. User input passed to this…
CVE-2025-7362
2025-07-08
N/A
0.0
The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the…
CVE-2025-7189
2025-07-08
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in code-projects Chat System 1.0. Affected by this issue is…
CVE-2025-7188
2025-07-08
MEDIUM
6.3
A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality…
CVE-2025-7140
2025-07-07
LOW
2.4
A vulnerability classified as problematic has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function…
CVE-2025-6044
2025-07-07
MEDIUM
6.1
An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on Lenovo devices allows a…
CVE-2025-53499
2025-07-07
CRITICAL
9.1
: Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension:…
CVE-2025-53498
2025-07-07
MEDIUM
5.3
: Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter…
CVE-2025-53495
2025-07-07
CRITICAL
9.1
Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from…
CVE-2025-53488
2025-07-07
MEDIUM
6.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - WikiHiero Extension…
CVE-2025-4663
2025-07-08
N/A
0.0
An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based…
CVE-2025-49691
2025-07-08
HIGH
8.0
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network.
CVE-2025-47135
2025-07-08
MEDIUM
5.5
Dimension versions 4.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.…
CVE-2025-30312
2025-07-08
HIGH
7.8
Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in…
CVE-2025-0928
2025-07-08
HIGH
8.8
In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to…
CVE-2025-7173
2025-07-08
HIGH
7.3
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of…
CVE-2025-7186
2025-07-08
MEDIUM
6.3
A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown…
CVE-2025-7155
2025-07-08
HIGH
7.3
A vulnerability, which was classified as critical, was found in PHPGurukul Online Notes Sharing System 1.0. This affects an unknown…
CVE-2025-53512
2025-07-08
MEDIUM
6.5
The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could…
CVE-2025-49760
2025-07-08
LOW
3.5
External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
CVE-2025-49756
2025-07-08
LOW
3.3
Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security…
CVE-2025-7154
2025-07-08
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in TOTOLINK N200RE 9.3.5u.6095_B20200916/9.3.5u.6139_B20201216. Affected by this issue is the…
CVE-2025-49753
2025-07-08
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a…
CVE-2025-49744
2025-07-08
HIGH
7.0
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49742
2025-07-08
HIGH
7.8
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
CVE-2025-49740
2025-07-08
HIGH
8.8
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-49739
2025-07-08
HIGH
8.8
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a…
CVE-2025-49738
2025-07-08
HIGH
7.8
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-49737
2025-07-08
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges…
CVE-2025-49735
2025-07-08
HIGH
8.1
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-49733
2025-07-08
HIGH
7.8
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2025-49732
2025-07-08
HIGH
7.8
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49731
2025-07-08
LOW
3.1
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
CVE-2025-49730
2025-07-08
HIGH
7.8
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
CVE-2025-49729
2025-07-08
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a…
CVE-2025-49727
2025-07-08
HIGH
7.0
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-49726
2025-07-08
HIGH
7.8
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
CVE-2025-49725
2025-07-08
HIGH
7.8
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
CVE-2025-49724
2025-07-08
HIGH
8.8
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
CVE-2025-49723
2025-07-08
HIGH
8.8
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.
CVE-2025-49722
2025-07-08
MEDIUM
5.7
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.
CVE-2025-49721
2025-07-08
HIGH
7.8
Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.
CVE-2025-49719
2025-07-08
HIGH
7.5
Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.
CVE-2025-49718
2025-07-08
HIGH
7.5
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
CVE-2025-49717
2025-07-08
HIGH
8.5
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
« Anterior
Página 170 de 3469
Siguiente »
Page load link
Go to Top
