CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-6561 | 2025-06-26 | CRITICAL | 9.8 | Certain hybrid DVR models (HBF-09KD and HBF-16NK) from Hunt Electronic have an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote… |
| CVE-2025-3773 | 2025-06-26 | N/A | 0.0 | A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to… |
| CVE-2025-3771 | 2025-06-26 | N/A | 0.0 | A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to… |
| CVE-2025-3722 | 2025-06-26 | N/A | 0.0 | A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue… |
| CVE-2025-6703 | 2025-06-26 | N/A | 0.0 | Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash. This issue affects neqo: from 0.4.24 through 0.13.2. |
| CVE-2025-6212 | 2025-06-26 | HIGH | 7.2 | The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Database module… |
| CVE-2025-5842 | 2025-06-26 | MEDIUM | 6.4 | The Modern Design Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions… |
| CVE-2025-5338 | 2025-06-26 | MEDIUM | 6.4 | The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up… |
| CVE-2024-6174 | 2025-06-26 | HIGH | 8.8 | When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To… |
| CVE-2025-5459 | 2025-06-26 | N/A | 0.0 | A user with specific node group editing permissions and a specially crafted class parameter could be used to execute commands… |
| CVE-2025-5846 | 2025-06-26 | LOW | 2.7 | An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0 before 18.0.3, and 18.1… |
| CVE-2025-5315 | 2025-06-26 | MEDIUM | 4.3 | An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1… |
| CVE-2025-48497 | 2025-06-26 | MEDIUM | 4.3 | Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL… |
| CVE-2025-41404 | 2025-06-26 | MEDIUM | 4.3 | Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents… |
| CVE-2025-3279 | 2025-06-26 | MEDIUM | 6.5 | An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1… |
| CVE-2025-37101 | 2025-06-26 | HIGH | 8.7 | A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing… |
| CVE-2025-2938 | 2025-06-26 | LOW | 3.1 | An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18.0 before 18.0.3, and 18.1… |
| CVE-2025-1754 | 2025-06-26 | MEDIUM | 5.3 | An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18.0 before 18.0.3, and 18.1… |
| CVE-2025-6624 | 2025-06-26 | HIGH | 7.2 | Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk… |
| CVE-2025-6546 | 2025-06-26 | MEDIUM | 6.4 | The Drive Folder Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tablecssclass’ parameter in all versions… |
| CVE-2025-6540 | 2025-06-26 | MEDIUM | 6.4 | The web-cam plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slug’ parameter in all versions up to,… |
| CVE-2025-6537 | 2025-06-26 | MEDIUM | 6.4 | The Namasha By Mdesign plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘playicon_title’ parameter in all versions… |
| CVE-2025-5932 | 2025-06-26 | MEDIUM | 4.3 | The Homerunner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.29. This… |
| CVE-2025-5929 | 2025-06-26 | MEDIUM | 6.4 | The The Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘clientId’ parameter in all versions up… |
| CVE-2025-5813 | 2025-06-26 | MEDIUM | 5.3 | The Amazon Products to WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability… |
| CVE-2025-5275 | 2025-06-26 | MEDIUM | 4.4 | The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to… |
| CVE-2025-6538 | 2025-06-26 | MEDIUM | 6.4 | The Post Rating and Review plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all… |
| CVE-2025-6383 | 2025-06-26 | MEDIUM | 6.4 | The WP-PhotoNav plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's photonav shortcode in all versions up… |
| CVE-2025-6378 | 2025-06-26 | MEDIUM | 6.4 | The Responsive Food and Drink Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_pdf_menus shortcode… |
| CVE-2025-6290 | 2025-06-26 | MEDIUM | 6.4 | The Tournament Bracket Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bracket' shortcode in all… |
| CVE-2025-6258 | 2025-06-26 | MEDIUM | 6.4 | The WP SoundSystem plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsstm-track shortcode in all versions… |
| CVE-2025-5812 | 2025-06-26 | MEDIUM | 4.3 | The VG WORT METIS plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check… |
| CVE-2025-5590 | 2025-06-26 | HIGH | 8.8 | The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions… |
| CVE-2025-5588 | 2025-06-26 | MEDIUM | 6.4 | The Image Editor by Pixo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘download’ parameter in all… |
| CVE-2025-5564 | 2025-06-26 | MEDIUM | 6.4 | The GC Social Wall plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gc_social_wall' shortcode in all… |
| CVE-2025-5559 | 2025-06-26 | MEDIUM | 6.4 | The TimeZoneCalculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'timezonecalculator_output' shortcode in all versions up… |
| CVE-2025-5540 | 2025-06-26 | MEDIUM | 6.4 | The Event RSVP and Simple Event Management Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's… |
| CVE-2025-5535 | 2025-06-26 | MEDIUM | 6.4 | The e.nigma buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions… |
| CVE-2025-5488 | 2025-06-26 | MEDIUM | 6.4 | The WP Masonry & Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wmis' shortcode… |
| CVE-2025-4334 | 2025-06-26 | CRITICAL | 9.8 | The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.… |
| CVE-2025-3863 | 2025-06-26 | MEDIUM | 4.3 | The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check… |
| CVE-2025-6669 | 2025-06-25 | LOW | 3.7 | A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown… |
| CVE-2025-6668 | 2025-06-25 | HIGH | 7.3 | A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown… |
| CVE-2025-6667 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some… |
| CVE-2025-6662 | 2025-06-25 | LOW | 3.3 | PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on… |
| CVE-2025-6661 | 2025-06-25 | HIGH | 7.8 | PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected… |
| CVE-2025-6660 | 2025-06-25 | HIGH | 7.8 | PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary… |
| CVE-2025-6659 | 2025-06-25 | HIGH | 7.8 | PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code… |
| CVE-2025-6658 | 2025-06-25 | LOW | 3.3 | PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on… |
| CVE-2025-6657 | 2025-06-25 | LOW | 3.3 | PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on… |