Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-25208
2025-06-09
MEDIUM
5.7
A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster
CVE-2025-25207
2025-06-09
MEDIUM
5.7
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows…
CVE-2025-5858
2025-06-09
MEDIUM
6.3
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is…
CVE-2025-5857
2025-06-09
MEDIUM
6.3
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown…
CVE-2025-5856
2025-06-09
HIGH
7.3
A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. This vulnerability affects unknown…
CVE-2025-3461
2025-06-08
CRITICAL
9.1
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication…
CVE-2025-3460
2025-06-08
HIGH
7.7
The Quantenna Wi-Fi chipset ships with a local control script, set_tx_pow, that is vulnerable to command injection. This is an…
CVE-2025-3459
2025-06-08
HIGH
7.7
The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, that is vulnerable to command injection. This is an…
CVE-2025-35010
2025-06-08
HIGH
7.1
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MNPINGTM command…
CVE-2025-35009
2025-06-08
HIGH
7.1
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MNNETSP command…
CVE-2025-35008
2025-06-08
HIGH
7.1
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MMNAME command…
CVE-2025-35007
2025-06-08
HIGH
7.1
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFRULE command…
CVE-2025-35006
2025-06-08
HIGH
7.1
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFPORTFWD command…
CVE-2025-35005
2025-06-08
HIGH
7.1
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFMAC command…
CVE-2025-35004
2025-06-08
HIGH
7.1
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFIP command…
CVE-2025-32459
2025-06-08
HIGH
7.7
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the sync_time argument), that is vulnerable to command…
CVE-2025-32458
2025-06-08
HIGH
7.7
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the get_syslog_from_qtn argument), that is vulnerable to command…
CVE-2025-32457
2025-06-08
HIGH
7.7
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the get_file_from_qtn argument), that is vulnerable to command…
CVE-2025-32456
2025-06-08
HIGH
7.7
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the put_file_to_qtn argument), that is vulnerable to command…
CVE-2025-32455
2025-06-08
HIGH
7.7
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the run_cmd argument), that is vulnerable to command…
CVE-2025-5847
2025-06-08
HIGH
8.8
A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function…
CVE-2025-27563
2025-06-08
LOW
3.3
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-27247
2025-06-08
MEDIUM
5.5
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-27242
2025-06-08
LOW
3.3
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
CVE-2025-27131
2025-06-08
MEDIUM
6.1
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input.
CVE-2025-26693
2025-06-08
LOW
3.3
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-26691
2025-06-08
MEDIUM
5.5
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
CVE-2025-25217
2025-06-08
LOW
3.3
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2025-24493
2025-06-08
MEDIUM
5.5
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through race condition.
CVE-2025-23235
2025-06-08
LOW
3.3
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-21082
2025-06-08
LOW
3.3
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-20063
2025-06-08
LOW
3.3
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion.
CVE-2025-38004
2025-06-08
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates The CAN…
CVE-2025-38003
2025-06-08
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content…
CVE-2025-5242
2025-06-07
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-5223
2025-06-07
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-5097
2025-06-07
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-5026
2025-06-07
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-49619
2025-06-07
HIGH
8.5
Skyvern through 0.1.85 has a Jinja runtime leak in sdk/workflow/models/block.py.
CVE-2024-55585
2025-06-07
N/A
0.0
In the moPS App through 1.8.618, all users can access administrative API endpoints without additional authentication, resulting in unrestricted read…
CVE-2025-5840
2025-06-07
HIGH
7.3
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown…
CVE-2025-5839
2025-06-07
HIGH
8.8
A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the…
CVE-2025-5838
2025-06-07
MEDIUM
6.3
A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an…
CVE-2025-5837
2025-06-07
MEDIUM
6.3
A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function…
CVE-2025-5836
2025-06-07
MEDIUM
6.3
A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv…
CVE-2025-5568
2025-06-07
MEDIUM
6.4
The WpEvently plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and…
CVE-2025-5528
2025-06-07
MEDIUM
6.1
The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share…
CVE-2024-9994
2025-06-07
MEDIUM
6.4
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable…
CVE-2024-9993
2025-06-07
MEDIUM
6.4
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable…
CVE-2025-5303
2025-06-07
HIGH
7.2
The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day &…
« Anterior
Página 287 de 3506
Siguiente »
Page load link
Go to Top
