Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-33050
2025-06-10
HIGH
7.5
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-32725
2025-06-10
HIGH
7.5
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-32724
2025-06-10
HIGH
7.5
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a…
CVE-2025-32722
2025-06-10
MEDIUM
5.5
Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.
CVE-2025-32721
2025-06-10
HIGH
7.3
Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-32720
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-32719
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-32718
2025-06-10
HIGH
7.8
Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.
CVE-2025-32716
2025-06-10
HIGH
7.8
Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2025-32715
2025-06-10
MEDIUM
6.5
Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
CVE-2025-32714
2025-06-10
HIGH
7.8
Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-32713
2025-06-10
HIGH
7.8
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-32712
2025-06-10
HIGH
7.8
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-32710
2025-06-10
HIGH
8.1
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVE-2025-31104
2025-06-10
HIGH
7.2
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 through…
CVE-2025-30321
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application…
CVE-2025-30317
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary…
CVE-2025-29828
2025-06-10
HIGH
8.1
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a…
CVE-2025-25250
2025-06-10
MEDIUM
4.3
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS version 7.6.0, version 7.4.7 and below, 7.2…
CVE-2025-24471
2025-06-10
MEDIUM
6.5
An Improper Certificate Validation vulnerability [CWE-295] in FortiOS version 7.6.1 and below, version 7.4.7 and below may allow an EAP verified…
CVE-2025-24069
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-24068
2025-06-10
MEDIUM
5.5
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-24065
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-22256
2025-06-10
MEDIUM
6.3
A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0…
CVE-2025-22254
2025-06-10
MEDIUM
6.6
An Improper Privilege Management vulnerability [CWE-269] affecting Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0…
CVE-2025-22251
2025-06-10
LOW
3.1
An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions,…
CVE-2024-57189
2025-06-10
N/A
0.0
In Erxes
CVE-2024-57186
2025-06-10
N/A
0.0
In Erxes
CVE-2024-54019
2025-06-10
MEDIUM
4.8
A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all…
CVE-2024-50568
2025-06-10
MEDIUM
5.9
A channel accessible by non-endpoint vulnerability [CWE-300] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14…
CVE-2024-50562
2025-06-10
MEDIUM
4.8
An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0…
CVE-2024-45329
2025-06-10
MEDIUM
4.3
A authorization bypass through user-controlled key in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.8…
CVE-2024-43706
2025-06-10
HIGH
7.6
Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint.
CVE-2024-32119
2025-06-10
MEDIUM
4.8
An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge…
CVE-2023-48786
2025-06-10
MEDIUM
4.3
A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated…
CVE-2023-29184
2025-06-10
LOW
3.2
An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before…
CVE-2023-20599
2025-06-10
HIGH
7.9
Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP)…
CVE-2025-5952
2025-06-10
HIGH
7.3
A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the…
CVE-2025-5910
2025-06-10
HIGH
8.8
A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is…
CVE-2025-5909
2025-06-10
HIGH
8.8
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function…
CVE-2025-5908
2025-06-10
HIGH
8.8
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some…
CVE-2025-5907
2025-06-10
HIGH
8.8
A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the…
CVE-2025-5914
2025-06-09
LOW
3.9
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow…
CVE-2025-5906
2025-06-10
HIGH
7.3
A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the…
CVE-2025-5905
2025-06-10
HIGH
8.8
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by this issue is the…
CVE-2025-5904
2025-06-10
HIGH
8.8
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the…
CVE-2025-5903
2025-06-10
HIGH
8.8
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been classified as critical. Affected is the function setWiFiAclRules of…
CVE-2025-5902
2025-06-09
HIGH
8.8
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the…
CVE-2025-5901
2025-06-09
HIGH
8.8
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of…
CVE-2025-5900
2025-06-09
MEDIUM
4.3
A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation…
« Anterior
Página 271 de 3496
Siguiente »
Page load link
Go to Top
