Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-5916
2025-06-09
LOW
3.9
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when…
CVE-2025-5915
2025-06-09
LOW
3.9
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to…
CVE-2025-5892
2025-06-09
MEDIUM
4.3
A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function…
CVE-2025-5891
2025-06-09
MEDIUM
4.3
A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the…
CVE-2025-5887
2025-06-09
LOW
3.5
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of…
CVE-2025-46041
2025-06-09
MEDIUM
5.4
A stored cross-site scripting (XSS) vulnerability in Anchor CMS v0.12.7 allows attackers to inject malicious JavaScript via the page description…
CVE-2025-45002
2025-06-09
MEDIUM
5.4
Vigybag v1.0 and before is vulnerable to Cross Site Scripting (XSS) via the upload profile picture function under my profile.
CVE-2025-45001
2025-06-09
HIGH
7.5
react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in…
CVE-2025-29627
2025-06-09
MEDIUM
6.8
An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate privileges via the Biometric Authentication Module
CVE-2025-45055
2025-06-09
MEDIUM
5.4
Silverpeas 6.4.2 contains a stored cross-site scripting (XSS) vulnerability in the event management module. An authenticated user can upload a…
CVE-2024-46452
2025-06-09
MEDIUM
6.1
A Host Header injection vulnerability in the password reset function of VigyBag Open Source Online Shop commit 3f0e21b allows attackers…
CVE-2025-5890
2025-06-09
MEDIUM
4.3
A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file…
CVE-2025-5889
2025-06-09
LOW
3.1
A vulnerability was found in juliangruber brace-expansion up to 1.1.11. It has been rated as problematic. Affected by this issue…
CVE-2025-5848
2025-06-08
HIGH
8.8
A vulnerability was found in Tenda AC15 15.03.05.19_multi and classified as critical. Affected by this issue is the function formSetPPTPUserList…
CVE-2025-5849
2025-06-08
HIGH
8.8
A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of…
CVE-2025-5850
2025-06-08
HIGH
8.8
A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been declared as critical. This vulnerability affects the function formsetschedled…
CVE-2025-5851
2025-06-09
HIGH
8.8
A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been rated as critical. This issue affects the function fromadvsetlanip…
CVE-2025-5852
2025-06-09
HIGH
8.8
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function formSetPPTPUserList of the file…
CVE-2025-5853
2025-06-09
HIGH
8.8
A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of…
CVE-2025-5854
2025-06-09
HIGH
8.8
A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the…
CVE-2025-5855
2025-06-09
HIGH
8.8
A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the…
CVE-2025-5859
2025-06-09
MEDIUM
6.3
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by…
CVE-2025-5860
2025-06-09
HIGH
7.3
A vulnerability, which was classified as critical, was found in PHPGurukul Maid Hiring Management System 1.0. This affects an unknown…
CVE-2025-5861
2025-06-09
HIGH
8.8
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of…
CVE-2025-5862
2025-06-09
HIGH
8.8
A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the…
CVE-2025-5863
2025-06-09
HIGH
8.8
A vulnerability was found in Tenda AC5 15.03.06.47. It has been classified as critical. Affected is the function formSetRebootTimer of…
CVE-2025-5888
2025-06-09
MEDIUM
4.3
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an…
CVE-2025-49653
2025-06-09
HIGH
8.0
Exposure of sensitive data in active sessions in Lablup's BackendAI allows attackers to retrieve credentials for users on the management…
CVE-2025-49652
2025-06-09
CRITICAL
9.8
Missing Authentication in the registration feature of Lablup's BackendAI allows arbitrary users to create user accounts that can access private…
CVE-2025-49651
2025-06-09
HIGH
8.1
Missing Authorization in Lablup's BackendAI allows attackers to takeover all active sessions; Accessing, stealing, or altering any data accessible in…
CVE-2024-47081
2025-06-09
MEDIUM
5.3
Requests is a HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials…
CVE-2025-49297
2025-06-09
HIGH
8.1
Path Traversal vulnerability in Mikado-Themes Grill and Chow allows PHP Local File Inclusion. This issue affects Grill and Chow: from…
CVE-2025-49296
2025-06-09
HIGH
8.1
Path Traversal vulnerability in Mikado-Themes GrandPrix allows PHP Local File Inclusion. This issue affects GrandPrix: from n/a through 1.6.
CVE-2025-49295
2025-06-09
HIGH
8.1
Path Traversal vulnerability in Mikado-Themes MediClinic allows PHP Local File Inclusion. This issue affects MediClinic: from n/a through 2.1.
CVE-2025-49282
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magze allows PHP…
CVE-2025-49281
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magways allows PHP…
CVE-2025-49280
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Magty allows PHP…
CVE-2025-49279
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogvy allows PHP…
CVE-2025-49278
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogty allows PHP…
CVE-2025-49277
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogprise allows PHP…
CVE-2025-49276
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogmine allows PHP…
CVE-2025-49275
2025-06-09
HIGH
8.1
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogbyte allows PHP…
CVE-2025-49265
2025-06-09
HIGH
7.5
Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects…
CVE-2025-48281
2025-06-09
CRITICAL
9.3
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mystyleplatform MyStyle Custom Product Designer allows…
CVE-2025-48279
2025-06-09
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Perdaan WC MyParcel Belgium allows Reflected XSS.…
CVE-2025-48267
2025-06-09
HIGH
8.6
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThimPress WP Pipes allows Path Traversal. This…
CVE-2025-48261
2025-06-09
HIGH
7.5
Insertion of Sensitive Information Into Sent Data vulnerability in MultiVendorX MultiVendorX allows Retrieve Embedded Sensitive Data. This issue affects MultiVendorX:…
CVE-2025-48147
2025-06-09
MEDIUM
6.5
Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Crypto Payment Gateway allows Exploiting Incorrectly Configured Access Control Security Levels. This…
CVE-2025-48143
2025-06-09
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in salesup2019 Formulario de contacto SalesUp! allows Reflected XSS.…
CVE-2025-48141
2025-06-09
CRITICAL
9.3
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alex Zaytseff Multi CryptoCurrency Payments allows…
« Anterior
Página 283 de 3505
Siguiente »
Page load link
Go to Top
