CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-6712 | 2025-07-07 | MEDIUM | 6.5 | MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is… |
| CVE-2025-6711 | 2025-07-07 | MEDIUM | 4.4 | An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear in server logs when certain error… |
| CVE-2025-6663 | 2025-07-07 | HIGH | 7.8 | GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code… |
| CVE-2025-5987 | 2025-07-07 | MEDIUM | 5.0 | A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to… |
| CVE-2025-43930 | 2025-07-07 | N/A | 0.0 | Hashview 0.8.1 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends… |
| CVE-2025-7131 | 2025-07-07 | HIGH | 7.3 | A vulnerability was found in Campcodes Payroll Management System 1.0. It has been declared as critical. Affected by this vulnerability… |
| CVE-2025-7130 | 2025-07-07 | HIGH | 7.3 | A vulnerability was found in Campcodes Payroll Management System 1.0. It has been classified as critical. Affected is an unknown… |
| CVE-2025-7128 | 2025-07-07 | HIGH | 7.3 | A vulnerability has been found in Campcodes Payroll Management System 1.0 and classified as critical. This vulnerability affects unknown code… |
| CVE-2025-7127 | 2025-07-07 | MEDIUM | 4.7 | A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an… |
| CVE-2025-6209 | 2025-07-07 | HIGH | 7.5 | A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0.12.40, specifically within the `encode_image` function in `generic_utils.py`. This vulnerability… |
| CVE-2025-7126 | 2025-07-07 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by… |
| CVE-2025-7125 | 2025-07-07 | MEDIUM | 6.3 | A vulnerability classified as critical was found in itsourcecode Employee Management System up to 1.0. Affected by this vulnerability is… |
| CVE-2025-3046 | 2025-07-07 | HIGH | 7.5 | A vulnerability in the `ObsidianReader` class of the run-llama/llama_index repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through… |
| CVE-2025-7129 | 2025-07-07 | HIGH | 7.3 | A vulnerability was found in Campcodes Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing… |
| CVE-2025-7124 | 2025-07-07 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of… |
| CVE-2025-7123 | 2025-07-07 | MEDIUM | 4.7 | A vulnerability was found in Campcodes Complaint Management System 1.0. It has been rated as critical. This issue affects some… |
| CVE-2025-7122 | 2025-07-07 | HIGH | 7.3 | A vulnerability was found in Campcodes Complaint Management System 1.0. It has been declared as critical. This vulnerability affects unknown… |
| CVE-2025-6386 | 2025-07-07 | HIGH | 7.5 | The parisneo/lollms repository is affected by a timing attack vulnerability in the `authenticate_user` function within the `lollms_authentication.py` file. This vulnerability… |
| CVE-2025-6210 | 2025-07-07 | MEDIUM | 6.2 | A vulnerability in the ObsidianReader class of the run-llama/llama_index repository, specifically in version 0.12.27, allows for hardlink-based path traversal. This… |
| CVE-2025-5472 | 2025-07-07 | MEDIUM | 6.5 | The JSONReader in run-llama/llama_index versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability… |
| CVE-2025-4779 | 2025-07-07 | CRITICAL | 9.1 | lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An unauthenticated attacker can inject malicious JavaScript into… |
| CVE-2025-3777 | 2025-07-07 | LOW | 3.5 | Hugging Face Transformers versions up to 4.49.0 are affected by an improper input validation vulnerability in the `image_utils.py` file. The… |
| CVE-2025-3705 | 2025-07-07 | MEDIUM | 6.8 | A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special… |
| CVE-2025-3626 | 2025-07-07 | CRITICAL | 9.1 | A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements… |
| CVE-2025-3467 | 2025-07-07 | HIGH | 8.0 | An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to… |
| CVE-2025-3466 | 2025-07-07 | CRITICAL | 9.8 | langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with… |
| CVE-2025-3264 | 2025-07-07 | MEDIUM | 5.3 | A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_imports()`… |
| CVE-2025-3263 | 2025-07-07 | MEDIUM | 5.3 | A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_configuration_file()`… |
| CVE-2025-3225 | 2025-07-07 | HIGH | 7.5 | An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llama_index… |
| CVE-2024-43334 | 2025-07-07 | HIGH | 7.1 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gavias Halpes allows Reflected XSS. This issue affects Halpes:… |
| CVE-2025-7121 | 2025-07-07 | MEDIUM | 6.3 | A vulnerability was found in Campcodes Complaint Management System 1.0. It has been classified as critical. This affects an unknown… |
| CVE-2025-7120 | 2025-07-07 | HIGH | 7.3 | A vulnerability was found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this issue is some… |
| CVE-2025-3920 | 2025-07-07 | N/A | 0.0 | A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond… |
| CVE-2025-7119 | 2025-07-07 | HIGH | 7.3 | A vulnerability has been found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this vulnerability is… |
| CVE-2025-7118 | 2025-07-07 | HIGH | 8.8 | A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects… |
| CVE-2025-7117 | 2025-07-07 | HIGH | 8.8 | A vulnerability classified as critical was found in UTT HiPER 840G up to 3.1.1-190328. This vulnerability affects unknown code of… |
| CVE-2025-7116 | 2025-07-07 | HIGH | 8.8 | A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part… |
| CVE-2025-41672 | 2025-07-07 | CRITICAL | 10.0 | A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and… |
| CVE-2025-7115 | 2025-07-07 | HIGH | 7.3 | A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue… |
| CVE-2025-7114 | 2025-07-07 | HIGH | 7.3 | A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability… |
| CVE-2025-7113 | 2025-07-07 | LOW | 3.5 | A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of… |
| CVE-2025-7112 | 2025-07-07 | LOW | 3.5 | A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the… |
| CVE-2025-7111 | 2025-07-07 | LOW | 3.5 | A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the… |
| CVE-2025-53473 | 2025-07-07 | HIGH | 7.3 | Server-side request forgery (SSRF) vulnerability exists in multiple versions of Nimesa Backup and Recovery. If this vulnerability is exploited, unintended… |
| CVE-2025-48501 | 2025-07-07 | CRITICAL | 9.8 | An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an… |
| CVE-2025-7110 | 2025-07-07 | LOW | 3.5 | A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the… |
| CVE-2025-7145 | 2025-07-07 | HIGH | 7.2 | ThreatSonar Anti-Ransomware developed by TeamT5 has an OS Command Injection vulnerability, allowing remote attackers with product platform intermediate privileges to… |
| CVE-2025-7109 | 2025-07-07 | LOW | 3.5 | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some… |
| CVE-2025-7108 | 2025-07-07 | MEDIUM | 5.4 | A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function… |
| CVE-2025-53186 | 2025-07-07 | MEDIUM | 5.9 | Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of… |