Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-38011
2025-06-18
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: csa unmap use uninterruptible lock After process exit to…
CVE-2025-38010
2025-06-18
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power…
CVE-2025-38009
2025-06-18
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: disable napi on driver removal A warning on…
CVE-2025-38008
2025-06-18
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: fix race condition in unaccepted memory handling The page…
CVE-2025-38007
2025-06-18
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Add NULL check in uclogic_input_configured() devm_kasprintf() returns NULL…
CVE-2025-38006
2025-06-18
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifa_index when missing In mctp_dump_addrinfo, ifa_index…
CVE-2025-38005
2025-06-18
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Add missing locking Recent kernels complain about…
CVE-2025-23999
2025-06-18
MEDIUM
4.3
Missing Authorization vulnerability in Cloudways Breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze: from n/a through…
CVE-2025-1088
2025-06-18
LOW
2.7
In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper…
CVE-2025-5981
2025-06-18
N/A
0.0
Arbitrary file write as the OSV-SCALIBR user on the host system via a path traversal vulnerability when using OSV-SCALIBR's unpack() function…
CVE-2025-1562
2025-06-18
CRITICAL
9.8
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arbitrary…
CVE-2025-51381
2025-06-18
CRITICAL
9.8
An authentication bypass vulnerability exists in KCM3100 Ver1.4.2 and earlier. If this vulnerability is exploited, an attacker may bypass the…
CVE-2025-50202
2025-06-18
HIGH
7.5
Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files…
CVE-2025-4413
2025-06-18
HIGH
8.8
The Pixabay Images plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the…
CVE-2025-23252
2025-06-18
MEDIUM
4.5
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to restricted components. A successful…
CVE-2025-49149
2025-06-17
N/A
0.0
Dify is an open-source LLM app development platform. In version 1.2.0, there is insufficient filtering of user input by web…
CVE-2025-49825
2025-06-17
CRITICAL
9.8
Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to…
CVE-2025-49593
2025-06-17
MEDIUM
6.8
Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm,…
CVE-2025-49843
2025-06-17
N/A
0.0
conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a…
CVE-2025-49824
2025-06-17
N/A
0.0
conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a…
CVE-2025-49385
2025-06-17
HIGH
7.8
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local…
CVE-2025-49384
2025-06-17
HIGH
7.8
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local…
CVE-2025-49218
2025-06-17
HIGH
7.7
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on…
CVE-2025-49217
2025-06-17
CRITICAL
9.8
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on…
CVE-2025-49216
2025-06-17
CRITICAL
9.8
An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as…
CVE-2025-49215
2025-06-17
HIGH
8.8
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on…
CVE-2025-49214
2025-06-17
HIGH
8.8
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on…
CVE-2025-49213
2025-06-17
CRITICAL
9.8
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on…
CVE-2025-49212
2025-06-17
CRITICAL
9.8
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on…
CVE-2025-38046
2025-06-18
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-38026
2025-06-18
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-5141
2025-06-17
MEDIUM
5.5
A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to…
CVE-2025-49847
2025-06-17
HIGH
8.8
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can…
CVE-2025-45526
2025-06-17
N/A
0.0
A denial of service (DoS) vulnerability has been identified in the JavaScript library microlight version 0.0.7. This library, used for…
CVE-2025-30680
2025-06-17
HIGH
7.1
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameters…
CVE-2025-30679
2025-06-17
MEDIUM
6.5
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate…
CVE-2025-30678
2025-06-17
MEDIUM
6.5
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate…
CVE-2025-49850
2025-06-17
N/A
0.0
A Heap-based Buffer Overflow vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper…
CVE-2025-49849
2025-06-17
N/A
0.0
An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation…
CVE-2025-49848
2025-06-17
N/A
0.0
An Out-of-bounds Write vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation…
CVE-2025-49487
2025-06-17
MEDIUM
6.8
An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an attacker…
CVE-2025-49158
2025-06-17
MEDIUM
6.7
An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalation…
CVE-2025-49157
2025-06-17
HIGH
7.8
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation…
CVE-2025-49156
2025-06-17
HIGH
7.0
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges…
CVE-2025-49155
2025-06-17
HIGH
8.8
An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to…
CVE-2025-49154
2025-06-17
HIGH
8.7
An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local…
CVE-2025-34511
2025-06-17
HIGH
8.8
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to…
CVE-2025-34510
2025-06-17
HIGH
8.8
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions 9.0 through 9.3 and 10.0 through 10.4 are…
CVE-2025-34509
2025-06-17
HIGH
8.2
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3…
CVE-2025-49220
2025-06-17
CRITICAL
9.8
An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution…
« Anterior
Página 251 de 3495
Siguiente »
Page load link
Go to Top
