Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2026-32188
2026-04-14
HIGH
7.1
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-32184
2026-04-14
HIGH
7.8
Deserialization of untrusted data in Microsoft High Performance Compute Pack (HPC) allows an authorized attacker to elevate privileges locally.
CVE-2026-32183
2026-04-14
HIGH
7.8
Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.
CVE-2026-32181
2026-04-14
MEDIUM
5.5
Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
CVE-2026-32178
2026-04-14
HIGH
7.5
Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32176
2026-04-14
MEDIUM
6.7
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
CVE-2026-32171
2026-04-14
HIGH
8.8
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
CVE-2026-32168
2026-04-14
HIGH
7.8
Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-32167
2026-04-14
MEDIUM
6.7
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.
CVE-2026-32165
2026-04-14
HIGH
7.8
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32164
2026-04-14
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32163
2026-04-14
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
CVE-2026-32162
2026-04-14
HIGH
8.4
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32160
2026-04-14
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32159
2026-04-14
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32158
2026-04-14
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.
CVE-2026-32157
2026-04-14
HIGH
8.8
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-32156
2026-04-14
HIGH
7.4
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.
CVE-2026-32155
2026-04-14
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32154
2026-04-14
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32153
2026-04-14
HIGH
7.8
Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.
CVE-2026-32152
2026-04-14
HIGH
7.8
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32151
2026-04-14
MEDIUM
6.5
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
CVE-2026-32150
2026-04-14
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32149
2026-04-14
HIGH
7.3
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
CVE-2026-32093
2026-04-14
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32091
2026-04-14
HIGH
8.4
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
CVE-2026-32090
2026-04-14
HIGH
7.8
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
CVE-2026-32089
2026-04-14
HIGH
7.8
Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.
CVE-2026-32088
2026-04-14
MEDIUM
6.1
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack.
CVE-2026-32087
2026-04-14
HIGH
7.0
Heap-based buffer overflow in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32086
2026-04-14
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-32085
2026-04-14
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally.
CVE-2026-32084
2026-04-14
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-32083
2026-04-14
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2026-32082
2026-04-14
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
CVE-2026-32081
2026-04-14
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-32080
2026-04-14
HIGH
7.0
Use after free in Windows WalletService allows an authorized attacker to elevate privileges locally.
CVE-2026-32079
2026-04-14
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
CVE-2026-32078
2026-04-14
HIGH
7.8
Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32077
2026-04-14
HIGH
7.8
Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-32076
2026-04-14
HIGH
7.8
Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally.
CVE-2026-32075
2026-04-14
HIGH
7.0
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-32074
2026-04-14
HIGH
7.8
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32073
2026-04-14
HIGH
7.0
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2026-32072
2026-04-14
MEDIUM
6.2
Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
CVE-2026-32071
2026-04-14
HIGH
7.5
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
CVE-2026-32070
2026-04-14
HIGH
7.0
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2026-32069
2026-04-14
HIGH
7.8
Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally.
CVE-2026-32068
2026-04-14
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
« Anterior
Página 295 de 4463
Siguiente »
Page load link
Go to Top
