CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2025-6297 | 2025-07-01 | HIGH | 8.2 | It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory,… |
| CVE-2025-53107 | 2025-07-01 | HIGH | 7.5 | @cyanheads/git-mcp-server is an MCP server designed to interact with Git repositories. Prior to version 2.1.5, there is a command injection… |
| CVE-2025-53103 | 2025-07-01 | MEDIUM | 5.8 | JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open… |
| CVE-2025-53100 | 2025-07-01 | N/A | 0.0 | RestDB's Codehooks.io MCP Server is an MCP server on the Codehooks.io platform. Prior to version 0.2.2, the MCP server is… |
| CVE-2025-37099 | 2025-07-01 | CRITICAL | 9.8 | A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. |
| CVE-2025-34081 | 2025-07-01 | N/A | 0.0 | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive… |
| CVE-2025-34080 | 2025-07-01 | N/A | 0.0 | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow… |
| CVE-2025-6963 | 2025-07-01 | HIGH | 7.3 | A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code… |
| CVE-2025-6962 | 2025-07-01 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in Campcodes Employee Management System 1.0. This affects an unknown part… |
| CVE-2025-6961 | 2025-07-01 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in Campcodes Employee Management System 1.0. Affected by this issue… |
| CVE-2025-50641 | 2025-07-01 | MEDIUM | 6.5 | Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId. |
| CVE-2025-6960 | 2025-07-01 | HIGH | 7.3 | A vulnerability classified as critical was found in Campcodes Employee Management System 1.0. Affected by this vulnerability is an unknown… |
| CVE-2025-6959 | 2025-07-01 | HIGH | 7.3 | A vulnerability classified as critical has been found in Campcodes Employee Management System 1.0. Affected is an unknown function of… |
| CVE-2025-6958 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0. It has been rated as critical. This issue affects some… |
| CVE-2025-6957 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0. It has been declared as critical. This vulnerability affects unknown… |
| CVE-2025-53099 | 2025-07-01 | N/A | 0.0 | Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious OAuth… |
| CVE-2025-50404 | 2025-07-01 | N/A | 0.0 | Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when… |
| CVE-2025-37098 | 2025-07-01 | HIGH | 7.5 | A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. |
| CVE-2025-34066 | 2025-07-01 | N/A | 0.0 | An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with… |
| CVE-2025-34065 | 2025-07-01 | N/A | 0.0 | An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows… |
| CVE-2025-34064 | 2025-07-01 | N/A | 0.0 | A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket (onelogin-adc-logs-production)… |
| CVE-2025-37097 | 2025-07-01 | HIGH | 7.5 | A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service |
| CVE-2025-34063 | 2025-07-01 | N/A | 0.0 | A cryptographic authentication bypass vulnerability exists in OneLogin AD Connector prior to 6.1.5 due to the exposure of a tenant’s… |
| CVE-2025-34062 | 2025-07-01 | N/A | 0.0 | An information disclosure vulnerability exists in OneLogin AD Connector versions prior to 6.1.5 via the /api/adc/v4/configuration endpoint. An attacker with access… |
| CVE-2025-34060 | 2025-07-01 | N/A | 0.0 | A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input… |
| CVE-2025-34059 | 2025-07-01 | N/A | 0.0 | An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the… |
| CVE-2025-34058 | 2025-07-01 | N/A | 0.0 | Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After… |
| CVE-2025-34056 | 2025-07-01 | N/A | 0.0 | An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles… |
| CVE-2025-34055 | 2025-07-01 | N/A | 0.0 | An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces… |
| CVE-2025-34054 | 2025-07-01 | N/A | 0.0 | An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows… |
| CVE-2025-34053 | 2025-07-01 | N/A | 0.0 | An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is… |
| CVE-2025-34052 | 2025-07-01 | N/A | 0.0 | An unauthenticated information disclosure vulnerability exists in AVTECH IP cameras, DVRs, and NVRs via Machine.cgi?action=get_capability. Sensitive internal device information such… |
| CVE-2025-34051 | 2025-07-01 | N/A | 0.0 | A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgi_query endpoint without… |
| CVE-2025-34050 | 2025-07-01 | N/A | 0.0 | A cross-site request forgery (CSRF) vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker… |
| CVE-2025-6956 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown… |
| CVE-2025-6955 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some… |
| CVE-2025-6954 | 2025-07-01 | HIGH | 7.3 | A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is… |
| CVE-2025-6953 | 2025-07-01 | HIGH | 8.8 | A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the… |
| CVE-2025-6940 | 2025-07-01 | HIGH | 8.8 | A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of… |
| CVE-2025-6939 | 2025-07-01 | HIGH | 8.8 | A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file… |
| CVE-2025-6938 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects… |
| CVE-2025-6931 | 2025-06-30 | LOW | 3.7 | A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is… |
| CVE-2025-6930 | 2025-06-30 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of… |
| CVE-2025-6920 | 2025-07-01 | MEDIUM | 5.3 | A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/* endpoints are… |
| CVE-2025-6554 | 2025-06-30 | HIGH | 8.1 | Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a… |
| CVE-2025-6929 | 2025-06-30 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some… |
| CVE-2025-53003 | 2025-07-01 | N/A | 0.0 | The Janssen Project is an open-source identity and access management (IAM) platform. Prior to version 1.8.0, the Config API returns… |
| CVE-2025-53005 | 2025-07-01 | N/A | 0.0 | DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability… |
| CVE-2025-49029 | 2025-07-01 | CRITICAL | 9.1 | Improper Control of Generation of Code ('Code Injection') vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection.This issue… |
| CVE-2025-45872 | 2025-07-01 | N/A | 0.0 | zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl parameter. |