CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-3054 | 2025-06-05 | HIGH | 8.8 | The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation… |
| CVE-2025-5638 | 2025-06-05 | MEDIUM | 6.3 | A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is… |
| CVE-2025-5637 | 2025-06-05 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of… |
| CVE-2025-5636 | 2025-06-05 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown… |
| CVE-2025-1793 | 2025-06-05 | CRITICAL | 9.8 | Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to read and… |
| CVE-2025-5635 | 2025-06-05 | HIGH | 7.3 | A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component… |
| CVE-2025-5634 | 2025-06-05 | HIGH | 7.3 | A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the… |
| CVE-2025-5633 | 2025-06-05 | MEDIUM | 6.3 | A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by… |
| CVE-2025-5632 | 2025-06-05 | MEDIUM | 6.3 | A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by… |
| CVE-2025-5631 | 2025-06-05 | HIGH | 7.3 | A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is… |
| CVE-2025-5630 | 2025-06-05 | CRITICAL | 9.8 | A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the… |
| CVE-2025-5629 | 2025-06-05 | HIGH | 8.8 | A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer… |
| CVE-2025-49466 | 2025-06-05 | MEDIUM | 5.8 | aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part, |
| CVE-2025-48432 | 2025-06-05 | MEDIUM | 4.0 | An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2.22. Internal HTTP response logging… |
| CVE-2025-5628 | 2025-06-05 | LOW | 3.5 | A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue… |
| CVE-2025-5627 | 2025-06-05 | MEDIUM | 6.3 | A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. Affected by this vulnerability is an… |
| CVE-2025-5626 | 2025-06-05 | HIGH | 7.3 | A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown… |
| CVE-2025-5625 | 2025-06-05 | HIGH | 7.3 | A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been rated as critical. This issue… |
| CVE-2025-5624 | 2025-06-05 | CRITICAL | 9.8 | A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup… |
| CVE-2025-49008 | 2025-06-05 | N/A | 0.0 | Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of `escapeshellcmd()` in `/components/codegit/traits/execute.php` allows… |
| CVE-2025-5623 | 2025-06-05 | CRITICAL | 9.8 | A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of… |
| CVE-2025-5622 | 2025-06-05 | CRITICAL | 9.8 | A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g… |
| CVE-2025-5621 | 2025-06-05 | HIGH | 7.3 | A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function… |
| CVE-2025-5620 | 2025-06-05 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the… |
| CVE-2025-5619 | 2025-06-04 | HIGH | 8.8 | A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName… |
| CVE-2025-5618 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. This vulnerability affects unknown code of… |
| CVE-2025-5617 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part… |
| CVE-2025-5616 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this… |
| CVE-2025-49007 | 2025-06-04 | N/A | 0.0 | Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a… |
| CVE-2025-5690 | 2025-06-04 | MEDIUM | 6.5 | PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on… |
| CVE-2025-5615 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this… |
| CVE-2025-5614 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an… |
| CVE-2025-5613 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown… |
| CVE-2025-5612 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown… |
| CVE-2025-5611 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown… |
| CVE-2025-5610 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this… |
| CVE-2025-48947 | 2025-06-04 | N/A | 0.0 | The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1… |
| CVE-2025-48951 | 2025-06-03 | N/A | 0.0 | Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. Versions 8.0.0-BETA3 prior to 8.3.1 contain a vulnerability due… |
| CVE-2025-46548 | 2025-06-03 | MEDIUM | 6.5 | If you enable Basic Authentication in Pekko Management using the Java DSL, the authenticator may not be properly applied. Users… |
| CVE-2025-48881 | 2025-05-30 | HIGH | 8.3 | Valtimo is a platform for Business Process Automation. In versions starting from 11.0.0.RELEASE to 11.3.3.RELEASE and 12.0.0.RELEASE to 12.12.0.RELEASE, all… |
| CVE-2025-4353 | 2025-05-06 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in Brilliance Golden Link Secondary System up to 20250424. Affected is… |
| CVE-2025-4352 | 2025-05-06 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in Brilliance Golden Link Secondary System up to 20250424. This… |
| CVE-2025-46341 | 2025-06-04 | HIGH | 7.1 | FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, when the server is using HTTP auth via reverse… |
| CVE-2025-46204 | 2025-06-04 | MEDIUM | 6.5 | An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint. |
| CVE-2025-46203 | 2025-06-04 | MEDIUM | 6.5 | An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint. |
| CVE-2025-46011 | 2025-06-04 | MEDIUM | 6.5 | Listmonk v2.4.0 through v4.1.0 is vulnerable to SQL Injection in the QuerySubscribers function which allows attackers to escalate privileges. |
| CVE-2025-43924 | 2025-06-03 | MEDIUM | 6.1 | Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController (for /fp/admin/settings/loginpage) and the… |
| CVE-2025-43923 | 2025-06-03 | MEDIUM | 6.5 | An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point… |
| CVE-2025-31136 | 2025-06-04 | MEDIUM | 6.7 | FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to run arbitrary JavaScript on the feeds… |
| CVE-2025-29093 | 2025-06-04 | HIGH | 8.2 | File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker to execute arbitrary code via the Content/Gallery/Images… |