CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2025-50641 | 2025-07-01 | MEDIUM | 6.5 | Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId. |
| CVE-2025-6960 | 2025-07-01 | HIGH | 7.3 | A vulnerability classified as critical was found in Campcodes Employee Management System 1.0. Affected by this vulnerability is an unknown… |
| CVE-2025-6959 | 2025-07-01 | HIGH | 7.3 | A vulnerability classified as critical has been found in Campcodes Employee Management System 1.0. Affected is an unknown function of… |
| CVE-2025-6958 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0. It has been rated as critical. This issue affects some… |
| CVE-2025-6957 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0. It has been declared as critical. This vulnerability affects unknown… |
| CVE-2025-53099 | 2025-07-01 | N/A | 0.0 | Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious OAuth… |
| CVE-2025-50404 | 2025-07-01 | N/A | 0.0 | Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent function incorrectly uses the int type when… |
| CVE-2025-37098 | 2025-07-01 | HIGH | 7.5 | A path traversal vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. |
| CVE-2025-34066 | 2025-07-01 | N/A | 0.0 | An improper certificate validation vulnerability exists in AVTECH IP cameras, DVRs, and NVRs due to the use of wget with… |
| CVE-2025-34065 | 2025-07-01 | N/A | 0.0 | An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function allows… |
| CVE-2025-34064 | 2025-07-01 | N/A | 0.0 | A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent to a hardcoded S3 bucket (onelogin-adc-logs-production)… |
| CVE-2025-37097 | 2025-07-01 | HIGH | 7.5 | A vulnerability in HPE Insight Remote Support (IRS) prior to v7.15.0.646 may allow an unauthenticated denial of service. |
| CVE-2025-34063 | 2025-07-01 | N/A | 0.0 | A cryptographic authentication bypass vulnerability exists in OneLogin AD Connector prior to 6.1.5 due to the exposure of a tenant’s… |
| CVE-2025-34062 | 2025-07-01 | N/A | 0.0 | An information disclosure vulnerability exists in OneLogin AD Connector versions prior to 6.1.5 via the /api/adc/v4/configuration endpoint. An attacker with access… |
| CVE-2025-34060 | 2025-07-01 | N/A | 0.0 | A PHP object injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input… |
| CVE-2025-34059 | 2025-07-01 | N/A | 0.0 | An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the… |
| CVE-2025-34058 | 2025-07-01 | N/A | 0.0 | Hikvision Streaming Media Management Server v2.3.5 uses default credentials that allow remote attackers to authenticate and access restricted functionality. After… |
| CVE-2025-34056 | 2025-07-01 | N/A | 0.0 | An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles… |
| CVE-2025-34055 | 2025-07-01 | N/A | 0.0 | An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces… |
| CVE-2025-34054 | 2025-07-01 | N/A | 0.0 | An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows… |
| CVE-2025-34053 | 2025-07-01 | N/A | 0.0 | An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is… |
| CVE-2025-34052 | 2025-07-01 | N/A | 0.0 | An unauthenticated information disclosure vulnerability exists in AVTECH IP cameras, DVRs, and NVRs via Machine.cgi?action=get_capability. Sensitive internal device information such… |
| CVE-2025-34051 | 2025-07-01 | N/A | 0.0 | A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgi_query endpoint without… |
| CVE-2025-34050 | 2025-07-01 | N/A | 0.0 | A cross-site request forgery (CSRF) vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker… |
| CVE-2025-6956 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown… |
| CVE-2025-6955 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some… |
| CVE-2025-6954 | 2025-07-01 | HIGH | 7.3 | A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is… |
| CVE-2025-6953 | 2025-07-01 | HIGH | 8.8 | A vulnerability, which was classified as critical, was found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the… |
| CVE-2025-6940 | 2025-07-01 | HIGH | 8.8 | A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of… |
| CVE-2025-6939 | 2025-07-01 | HIGH | 8.8 | A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file… |
| CVE-2025-6938 | 2025-07-01 | HIGH | 7.3 | A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. This issue affects… |
| CVE-2025-6931 | 2025-06-30 | LOW | 3.7 | A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is… |
| CVE-2025-6930 | 2025-06-30 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of… |
| CVE-2025-6920 | 2025-07-01 | MEDIUM | 5.3 | A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/* endpoints are… |
| CVE-2025-6554 | 2025-06-30 | HIGH | 8.1 | Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a… |
| CVE-2025-6929 | 2025-06-30 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been rated as critical. This issue affects some… |
| CVE-2025-53003 | 2025-07-01 | N/A | 0.0 | The Janssen Project is an open-source identity and access management (IAM) platform. Prior to version 1.8.0, the Config API returns… |
| CVE-2025-53005 | 2025-07-01 | N/A | 0.0 | DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability… |
| CVE-2025-49029 | 2025-07-01 | CRITICAL | 9.1 | Improper Control of Generation of Code ('Code Injection') vulnerability in bitto.Kazi Custom Login And Signup Widget allows Code Injection. This issue… |
| CVE-2025-45872 | 2025-07-01 | N/A | 0.0 | zrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl parameter. |
| CVE-2025-36582 | 2025-07-01 | MEDIUM | 4.8 | Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker… |
| CVE-2024-49365 | 2025-07-01 | N/A | 0.0 | tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a malicious JSON-stringifyable message can be made passing on… |
| CVE-2024-49364 | 2025-07-01 | N/A | 0.0 | tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a private key can be extracted on signing a… |
| CVE-2025-6952 | 2025-07-01 | LOW | 3.3 | A vulnerability, which was classified as problematic, has been found in Open5GS up to 2.7.5. This issue affects the function… |
| CVE-2025-6951 | 2025-07-01 | MEDIUM | 4.3 | A vulnerability classified as problematic was found in SAFECAM X300 up to 20250611. This vulnerability affects unknown code of the… |
| CVE-2025-5314 | 2025-07-01 | MEDIUM | 6.1 | The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to DOM-Based Reflected… |
| CVE-2025-49483 | 2025-07-01 | MEDIUM | 5.4 | Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated… |
| CVE-2025-49482 | 2025-07-01 | MEDIUM | 5.4 | Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in tr069 modules allows Resource Leak Exposure. This vulnerability is associated… |
| CVE-2025-49481 | 2025-07-01 | MEDIUM | 5.4 | Improper Resource Shutdown or Release vulnerability in ASR180x 、ASR190x in router modules allows Resource Leak Exposure. This vulnerability is associated… |
| CVE-2025-49480 | 2025-07-01 | HIGH | 7.4 | Out-of-bounds access in ASR180x 、ASR190x in lte-telephony, This vulnerability is associated with program files apps/lzma/src/LzmaEnc.c. This issue affects Falcon_Linux、Kestrel、Lapwing_Linux: before… |