Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-52995
2025-06-30
HIGH
8.0
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview,…
CVE-2025-52901
2025-06-30
MEDIUM
4.5
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview,…
CVE-2025-52491
2025-06-30
MEDIUM
5.8
Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.
CVE-2025-49493
2025-06-30
MEDIUM
5.8
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
CVE-2024-53621
2025-06-30
HIGH
7.5
A buffer overflow in the formSetCfm() function of Tenda AC1206 1200M 11ac US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 allows attackers to cause a Denial of…
CVE-2023-47310
2025-06-30
MEDIUM
6.5
A misconfiguration in the default settings of MikroTik RouterOS 7 and fixed in v7.14 allows incoming IPv6 UDP traceroute packets.
CVE-2025-6925
2025-06-30
MEDIUM
5.3
A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and classified as critical. Affected by this vulnerability is an unknown…
CVE-2025-5730
2025-06-30
MEDIUM
4.3
The Contact Form Plugin WordPress plugin before 1.1.29 does not sanitise and escape some of its settings, which could allow…
CVE-2025-45931
2025-06-30
CRITICAL
9.8
An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to execute arbitrary code via system() function in the bin/goahead file
CVE-2025-36593
2025-06-30
HIGH
8.8
Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An…
CVE-2025-45143
2025-06-30
HIGH
7.0
string-math v1.2.2 was discovered to contain a Regex Denial of Service (ReDoS) which is exploited via a crafted input.
CVE-2025-3745
2025-06-30
MEDIUM
6.3
The WP Lightbox 2 WordPress plugin before 3.0.6.8 does not correctly sanitize the value of the title attribute of links…
CVE-2025-26074
2025-06-30
CRITICAL
9.8
Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.
CVE-2025-6917
2025-06-30
HIGH
7.3
A vulnerability has been found in code-projects Online Hotel Booking 1.0 and classified as critical. This vulnerability affects unknown code…
CVE-2025-52898
2025-06-30
N/A
0.0
Frappe is a full-stack web application framework. Prior to versions 14.94.3 and 15.58.0, a carefully crafted request could lead to…
CVE-2025-6915
2025-06-30
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in PHPGurukul Student Record System 3.2. Affected by this issue…
CVE-2025-52896
2025-06-30
N/A
0.0
Frappe is a full-stack web application framework. Prior to versions 14.94.2 and 15.57.0, authenticated users could upload carefully crafted malicious…
CVE-2025-52895
2025-06-30
N/A
0.0
Frappe is a full-stack web application framework. Prior to versions 14.94.3 and 15.58.0, SQL injection could be achieved via a…
CVE-2025-47871
2025-06-30
MEDIUM
4.3
Mattermost versions 10.5.x
CVE-2025-46702
2025-06-30
MEDIUM
5.4
Mattermost versions 10.5.x
CVE-2025-6914
2025-06-30
MEDIUM
6.3
A vulnerability classified as critical was found in PHPGurukul Student Record System 3.2. Affected by this vulnerability is an unknown…
CVE-2025-6913
2025-06-30
MEDIUM
6.3
A vulnerability classified as critical has been found in PHPGurukul Student Record System 3.2. Affected is an unknown function of…
CVE-2024-12915
2025-06-30
MEDIUM
4.6
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Devinim Software Library Software allows Reflected…
CVE-2025-6912
2025-06-30
MEDIUM
6.3
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been rated as critical. This issue affects some…
CVE-2025-6911
2025-06-30
MEDIUM
6.3
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown…
CVE-2025-2895
2025-06-30
MEDIUM
5.4
IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, 2.3.4.1, and 2.3.4.1 iFix1 is vulnerable to HTML injection.…
CVE-2025-6910
2025-06-30
MEDIUM
6.3
A vulnerability was found in PHPGurukul Student Record System 3.2. It has been classified as critical. This affects an unknown…
CVE-2025-6909
2025-06-30
MEDIUM
6.3
A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this…
CVE-2025-6908
2025-06-30
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an…
CVE-2025-6907
2025-06-30
HIGH
7.3
A vulnerability classified as critical was found in code-projects Car Rental System 1.0. This vulnerability affects unknown code of the…
CVE-2025-6906
2025-06-30
HIGH
7.3
A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of…
CVE-2025-6905
2025-06-30
HIGH
7.3
A vulnerability, which was classified as critical, has been found in code-projects Car Rental System 1.0. This issue affects some…
CVE-2025-4407
2025-06-30
MEDIUM
6.7
Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.This issue affects Lite Panel Pro: through 1.0.1.
CVE-2025-6904
2025-06-30
HIGH
7.3
A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue…
CVE-2025-6903
2025-06-30
HIGH
7.3
A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability…
CVE-2025-40710
2025-06-30
N/A
0.0
Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web…
CVE-2025-6902
2025-06-30
HIGH
7.3
A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown…
CVE-2025-6901
2025-06-30
HIGH
7.3
A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing…
CVE-2025-41439
2025-06-30
MEDIUM
6.1
A reflected cross-site scripting vulnerability via a specific parameter exists in SLNX Help Documentation of RICOH Streamline NX. If this…
CVE-2024-8419
2025-06-30
HIGH
7.5
The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over…
CVE-2025-6900
2025-06-30
MEDIUM
6.3
A vulnerability has been found in code-projects Library System 1.0 and classified as critical. This vulnerability affects unknown code of…
CVE-2025-6899
2025-06-30
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in D-Link DI-7300G+ and DI-8200G 17.12.20A1/19.12.25A1. This affects an unknown part…
CVE-2025-53415
2025-06-30
HIGH
7.8
Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution
CVE-2025-40734
2025-06-30
N/A
0.0
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by…
CVE-2025-40733
2025-06-30
N/A
0.0
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by…
CVE-2025-40732
2025-06-30
N/A
0.0
user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the…
CVE-2025-40731
2025-06-30
N/A
0.0
SQL injection vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to retrieve, create, update and delete databases…
CVE-2025-6898
2025-06-30
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in D-Link DI-7300G+ 19.12.25A1. Affected by this issue is some…
CVE-2025-6897
2025-06-30
MEDIUM
5.5
A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this vulnerability is an unknown functionality of…
CVE-2025-38090
2025-06-30
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/rio_cm.c: prevent possible heap overwrite In riocm_cdev_ioctl(RIO_CM_CHAN_SEND) -> cm_chan_msg_send() ->…
« Anterior
Página 215 de 3492
Siguiente »
Page load link
Go to Top
