CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2025-52480 | 2025-06-25 | N/A | 0.0 | Registrator is a GitHub app that automates creation of registration pull requests for julia packages to the General registry. Prior… |
| CVE-2025-4656 | 2025-06-25 | LOW | 3.1 | Vault Community and Vault Enterprise rekey and recovery key operations can lead to a denial of service due to uncontrolled… |
| CVE-2025-49153 | 2025-06-25 | CRITICAL | 9.8 | MICROSENS NMP Web+ could allow an unauthenticated attacker to overwrite files and execute arbitrary code. |
| CVE-2025-49152 | 2025-06-25 | HIGH | 7.5 | MICROSENS NMP Web+ contains JSON Web Tokens (JWT) that do not expire, which could allow an attacker to gain access to… |
| CVE-2025-49151 | 2025-06-25 | CRITICAL | 9.1 | MICROSENS NMP Web+ could allow an unauthenticated attacker to generate forged JSON Web Tokens (JWT) to bypass authentication. |
| CVE-2025-20282 | 2025-06-25 | CRITICAL | 10.0 | A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload… |
| CVE-2025-44206 | 2025-06-25 | MEDIUM | 4.6 | Hexagon HxGN OnCall Dispatch Advantage (Web) v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage (Mobile) v10.2402 are vulnerable to Cross Site… |
| CVE-2025-6615 | 2025-06-25 | HIGH | 8.8 | A vulnerability, which was classified as critical, was found in D-Link DIR-619L 2.06B01. This affects the function formAutoDetecWAN_wizard4 of the… |
| CVE-2025-6614 | 2025-06-25 | HIGH | 8.8 | A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the… |
| CVE-2025-6612 | 2025-06-25 | HIGH | 7.3 | A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some… |
| CVE-2025-6611 | 2025-06-25 | HIGH | 7.3 | A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown… |
| CVE-2025-52479 | 2025-06-25 | N/A | 0.0 | HTTP.jl provides HTTP client and server functionality for Julia, and URIs.jl parses and works with Uniform Resource Identifiers (URIs). URIs.jl… |
| CVE-2025-50179 | 2025-06-25 | MEDIUM | 4.6 | Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a cross-site… |
| CVE-2025-50178 | 2025-06-25 | N/A | 0.0 | GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 0.4.3 lack input validation for user provided… |
| CVE-2025-49845 | 2025-06-25 | N/A | 0.0 | Discourse is an open-source discussion platform. The visibility of posts typed `whisper` is controlled via the `whispers_allowed_groups` site setting. Only… |
| CVE-2025-25905 | 2025-06-25 | HIGH | 7.1 | Cross-Site Scripting (XSS) vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via… |
| CVE-2025-20281 | 2025-06-25 | CRITICAL | 9.8 | A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute… |
| CVE-2025-20264 | 2025-06-25 | MEDIUM | 6.4 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to… |
| CVE-2024-27685 | 2025-06-25 | HIGH | 7.1 | SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote attacker to obtain sensitive information… |
| CVE-2025-6610 | 2025-06-25 | MEDIUM | 4.7 | A vulnerability was found in itsourcecode Employee Management System up to 1.0. It has been classified as critical. This affects… |
| CVE-2025-6609 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability was found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this issue is… |
| CVE-2025-6608 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as critical. Affected by this vulnerability… |
| CVE-2025-6607 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. Affected is an unknown… |
| CVE-2025-6606 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. This issue affects… |
| CVE-2025-6605 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. This vulnerability affects unknown code of… |
| CVE-2025-6604 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. This affects an unknown part… |
| CVE-2025-6583 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in SourceCodester Best Salon Management System 1.0. This affects an unknown… |
| CVE-2025-6582 | 2025-06-25 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in SourceCodester Best Salon Management System 1.0. Affected by this… |
| CVE-2025-6581 | 2025-06-24 | MEDIUM | 6.3 | A vulnerability classified as critical was found in SourceCodester Best Salon Management System 1.0. Affected by this vulnerability is an… |
| CVE-2025-6580 | 2025-06-24 | HIGH | 7.3 | A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function… |
| CVE-2025-49135 | 2025-06-25 | N/A | 0.0 | CVAT is an open source interactive video and image annotation tool for computer vision. Versions 2.2.0 through 2.39.0 have no… |
| CVE-2024-51984 | 2025-06-25 | MEDIUM | 6.8 | An authenticated attacker can reconfigure the target device to use an external service (such as LDAP or FTP) controlled by… |
| CVE-2024-51983 | 2025-06-25 | HIGH | 7.5 | An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP… |
| CVE-2024-51982 | 2025-06-25 | HIGH | 7.5 | An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will… |
| CVE-2024-51981 | 2025-06-25 | MEDIUM | 5.3 | An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CRLF injection issue that can… |
| CVE-2024-51980 | 2025-06-25 | MEDIUM | 5.3 | An unauthenticated attacker may perform a limited server side request forgery (SSRF), forcing the target device to open a TCP… |
| CVE-2021-4457 | 2025-06-25 | N/A | 0.0 | The ZoomSounds plugin before 6.05 contains a PHP file allowing unauthenticated users to upload an arbitrary file anywhere on the… |
| CVE-2021-41691 | 2025-06-24 | CRITICAL | 9.8 | A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "student_id" and "TRANSFER{SCHOOL]" parameters in… |
| CVE-2025-6570 | 2025-06-24 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue… |
| CVE-2025-48991 | 2025-06-25 | MEDIUM | 4.6 | Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability… |
| CVE-2025-48954 | 2025-06-25 | HIGH | 8.1 | Discourse is an open-source discussion platform. Versions prior to 3.5.0.beta6 are vulnerable to cross-site scripting when the content security policy… |
| CVE-2025-41256 | 2025-06-25 | HIGH | 7.4 | Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates (e.g., self-signed), since the certificate fingerprint is stored… |
| CVE-2025-41255 | 2025-06-25 | HIGH | 8.0 | Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates (e.g., self-signed), unnecessarily installing it to the Windows… |
| CVE-2024-51979 | 2025-06-25 | HIGH | 7.2 | An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service… |
| CVE-2024-51978 | 2025-06-25 | CRITICAL | 9.8 | An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An… |
| CVE-2024-51977 | 2025-06-25 | MEDIUM | 5.3 | An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or… |
| CVE-2025-6543 | 2025-06-25 | N/A | 0.0 | Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as… |
| CVE-2025-25012 | 2025-06-25 | MEDIUM | 4.3 | URL redirection to an untrusted site ('Open Redirect') in Kibana can lead to sending a user to an arbitrary site… |
| CVE-2025-6603 | 2025-06-25 | MEDIUM | 5.3 | A vulnerability was found in coldfunction qCUDA up to db0085400c2f2011eed46fbc04fdc0873141688e. It has been rated as problematic. Affected by this issue… |
| CVE-2025-6613 | 2025-06-25 | LOW | 3.5 | A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulnerability is an unknown… |