Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-47162
2025-06-10
HIGH
8.4
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47160
2025-06-10
MEDIUM
5.4
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-47108
2025-06-10
HIGH
7.8
Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-47106
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure…
CVE-2025-47105
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of…
CVE-2025-47104
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of…
CVE-2025-43593
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-43590
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-43589
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary…
CVE-2025-43558
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code…
CVE-2025-33112
2025-06-10
HIGH
8.4
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to exploit a vulnerability to…
CVE-2025-33075
2025-06-10
HIGH
7.8
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-33073
2025-06-10
HIGH
8.8
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
CVE-2025-33071
2025-06-10
HIGH
8.1
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
CVE-2025-33070
2025-06-10
HIGH
8.1
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-33069
2025-06-10
MEDIUM
5.1
Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature…
CVE-2025-33068
2025-06-10
HIGH
7.5
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
CVE-2025-33067
2025-06-10
HIGH
8.4
Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
CVE-2025-33066
2025-06-10
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a…
CVE-2025-33065
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33064
2025-06-10
HIGH
8.8
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a…
CVE-2025-33063
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33062
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33061
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33060
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33059
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33058
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33057
2025-06-10
MEDIUM
6.5
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
CVE-2025-33056
2025-06-10
HIGH
7.5
Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.
CVE-2025-33055
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-33052
2025-06-10
MEDIUM
5.5
Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.
CVE-2025-33050
2025-06-10
HIGH
7.5
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-32725
2025-06-10
HIGH
7.5
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-32724
2025-06-10
HIGH
7.5
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a…
CVE-2025-32722
2025-06-10
MEDIUM
5.5
Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.
CVE-2025-32721
2025-06-10
HIGH
7.3
Improper link resolution before file access ('link following') in Windows Recovery Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-32720
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-32719
2025-06-10
MEDIUM
5.5
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-32718
2025-06-10
HIGH
7.8
Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally.
CVE-2025-32716
2025-06-10
HIGH
7.8
Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2025-32715
2025-06-10
MEDIUM
6.5
Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
CVE-2025-32714
2025-06-10
HIGH
7.8
Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.
CVE-2025-32713
2025-06-10
HIGH
7.8
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-32712
2025-06-10
HIGH
7.8
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
CVE-2025-32710
2025-06-10
HIGH
8.1
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVE-2025-31104
2025-06-10
HIGH
7.2
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC 7.6.0 through…
CVE-2025-30321
2025-06-10
MEDIUM
5.5
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application…
CVE-2025-30317
2025-06-10
HIGH
7.8
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary…
CVE-2025-29828
2025-06-10
HIGH
8.1
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a…
CVE-2025-25250
2025-06-10
MEDIUM
4.3
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS version 7.6.0, version 7.4.7 and below, 7.2…
« Anterior
Página 278 de 3504
Siguiente »
Page load link
Go to Top
