Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-0928
2025-07-08
HIGH
8.8
In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to…
CVE-2025-7173
2025-07-08
HIGH
7.3
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of…
CVE-2025-7186
2025-07-08
MEDIUM
6.3
A vulnerability was found in code-projects Chat System 1.0. It has been rated as critical. This issue affects some unknown…
CVE-2025-7155
2025-07-08
HIGH
7.3
A vulnerability, which was classified as critical, was found in PHPGurukul Online Notes Sharing System 1.0. This affects an unknown…
CVE-2025-53512
2025-07-08
MEDIUM
6.5
The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorized users to access debug messages that could…
CVE-2025-49760
2025-07-08
LOW
3.5
External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
CVE-2025-49756
2025-07-08
LOW
3.3
Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized attacker to bypass a security…
CVE-2025-7154
2025-07-08
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in TOTOLINK N200RE 9.3.5u.6095_B20200916/9.3.5u.6139_B20201216. Affected by this issue is the…
CVE-2025-49753
2025-07-08
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a…
CVE-2025-49744
2025-07-08
HIGH
7.0
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49742
2025-07-08
HIGH
7.8
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
CVE-2025-49740
2025-07-08
HIGH
8.8
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-49739
2025-07-08
HIGH
8.8
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a…
CVE-2025-49738
2025-07-08
HIGH
7.8
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-49737
2025-07-08
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges…
CVE-2025-49735
2025-07-08
HIGH
8.1
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-49733
2025-07-08
HIGH
7.8
Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
CVE-2025-49732
2025-07-08
HIGH
7.8
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49731
2025-07-08
LOW
3.1
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
CVE-2025-49730
2025-07-08
HIGH
7.8
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
CVE-2025-49729
2025-07-08
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a…
CVE-2025-49727
2025-07-08
HIGH
7.0
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-49726
2025-07-08
HIGH
7.8
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
CVE-2025-49725
2025-07-08
HIGH
7.8
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
CVE-2025-49724
2025-07-08
HIGH
8.8
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
CVE-2025-49723
2025-07-08
HIGH
8.8
Missing authorization in Windows StateRepository API allows an authorized attacker to perform tampering locally.
CVE-2025-49722
2025-07-08
MEDIUM
5.7
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.
CVE-2025-49721
2025-07-08
HIGH
7.8
Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.
CVE-2025-49719
2025-07-08
HIGH
7.5
Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.
CVE-2025-49718
2025-07-08
HIGH
7.5
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
CVE-2025-49717
2025-07-08
HIGH
8.5
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
CVE-2025-49716
2025-07-08
MEDIUM
5.9
Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.
CVE-2025-49714
2025-07-08
HIGH
7.8
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
CVE-2025-49711
2025-07-08
HIGH
7.8
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-49706
2025-07-08
MEDIUM
6.3
Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVE-2025-49705
2025-07-08
HIGH
7.8
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-49704
2025-07-08
HIGH
8.8
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over…
CVE-2025-49703
2025-07-08
HIGH
7.8
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49702
2025-07-08
HIGH
7.8
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49701
2025-07-08
HIGH
8.8
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-49700
2025-07-08
HIGH
7.8
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49699
2025-07-08
HIGH
7.0
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49698
2025-07-08
HIGH
7.8
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-49697
2025-07-08
HIGH
8.4
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49696
2025-07-08
HIGH
8.4
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49695
2025-07-08
HIGH
8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49694
2025-07-08
HIGH
7.8
Null pointer dereference in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2025-49693
2025-07-08
HIGH
7.8
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.
CVE-2025-49690
2025-07-08
HIGH
7.4
Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker…
CVE-2025-49689
2025-07-08
HIGH
7.8
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
« Anterior
Página 178 de 3477
Siguiente »
Page load link
Go to Top
