Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-0051
2025-06-10
N/A
0.0
Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service.
CVE-2025-5970
2025-06-10
LOW
2.4
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is…
CVE-2025-5969
2025-06-10
HIGH
8.8
A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function…
CVE-2025-47977
2025-06-10
HIGH
7.6
Improper neutralization of input during web page generation ('cross-site scripting') in Nuance Digital Engagement Platform allows an authorized attacker to…
CVE-2025-47969
2025-06-10
MEDIUM
4.4
Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally.
CVE-2025-47968
2025-06-10
HIGH
7.8
Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally.
CVE-2025-47962
2025-06-10
HIGH
7.8
Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally.
CVE-2025-47957
2025-06-10
HIGH
8.4
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47956
2025-06-10
MEDIUM
5.5
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
CVE-2025-47955
2025-06-10
HIGH
7.8
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-47953
2025-06-10
HIGH
8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47175
2025-06-10
HIGH
7.8
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-47174
2025-06-10
HIGH
7.8
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47173
2025-06-10
HIGH
7.8
Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47172
2025-06-10
HIGH
8.8
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker…
CVE-2025-47171
2025-06-10
MEDIUM
6.7
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
CVE-2025-47170
2025-06-10
HIGH
7.8
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47169
2025-06-10
HIGH
7.8
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47168
2025-06-10
HIGH
7.8
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-47167
2025-06-10
HIGH
8.4
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47166
2025-06-10
HIGH
8.8
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-47165
2025-06-10
HIGH
7.8
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-47164
2025-06-10
HIGH
8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47163
2025-06-10
HIGH
8.8
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-47162
2025-06-10
HIGH
8.4
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47160
2025-06-10
MEDIUM
5.4
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-47108
2025-06-10
HIGH
7.8
Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-47106
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure…
CVE-2025-47105
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of…
CVE-2025-47104
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of…
CVE-2025-43593
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-43590
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-43589
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary…
CVE-2025-43558
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-33112
2025-06-10
HIGH
8.4
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to…
CVE-2025-33075
2025-06-10
HIGH
7.8
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-33073
2025-06-10
HIGH
8.8
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
CVE-2025-33071
2025-06-10
HIGH
8.1
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-33070
2025-06-10
HIGH
8.1
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-33069
2025-06-10
MEDIUM
5.1
Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature…
CVE-2025-33068
2025-06-10
HIGH
7.5
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVE-2025-33067
2025-06-10
HIGH
8.4
Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
CVE-2025-33066
2025-06-10
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a…
CVE-2025-33065
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33064
2025-06-10
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a…
CVE-2025-33063
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33062
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33061
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33060
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33059
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
« Anterior
Página 277 de 3503
Siguiente »
Page load link
Go to Top
