Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-60722 2025-11-11 MEDIUM 6.5 Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network.
CVE-2025-60721 2025-11-11 HIGH 7.8 Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.
CVE-2025-60720 2025-11-11 HIGH 7.8 Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.
CVE-2025-60719 2025-11-11 HIGH 7.0 Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2025-60718 2025-11-11 HIGH 7.8 Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally.
CVE-2025-60717 2025-11-11 HIGH 7.0 Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.
CVE-2025-60716 2025-11-11 HIGH 7.0 Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
CVE-2025-60715 2025-11-11 HIGH 8.0 Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2025-60714 2025-11-11 HIGH 7.8 Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally.
CVE-2025-60713 2025-11-11 HIGH 7.8 Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.
CVE-2025-60710 2025-11-11 HIGH 7.8 Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.
CVE-2025-60709 2025-11-11 HIGH 7.8 Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-60708 2025-11-11 MEDIUM 6.5 Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.
CVE-2025-60707 2025-11-11 HIGH 7.8 Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally.
CVE-2025-60706 2025-11-11 MEDIUM 5.5 Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally.
CVE-2025-60705 2025-11-11 HIGH 7.8 Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.
CVE-2025-60704 2025-11-11 HIGH 7.5 Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-60703 2025-11-11 HIGH 7.8 Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
CVE-2025-59515 2025-11-11 HIGH 7.0 Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally.
CVE-2025-59514 2025-11-11 HIGH 7.8 Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.
CVE-2025-12152 2025-11-12 N/A 0.0 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been…
CVE-2025-12068 2025-11-12 N/A 0.0 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been…
CVE-2025-12942 2025-11-11 N/A 0.0 Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to…
CVE-2025-61832 2025-11-11 HIGH 7.8 InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-61824 2025-11-11 HIGH 7.8 InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-61818 2025-11-11 HIGH 7.8 InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-61817 2025-11-11 HIGH 7.8 InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-61816 2025-11-11 HIGH 7.8 InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.…
CVE-2025-61815 2025-11-11 HIGH 7.8 InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-61814 2025-11-11 HIGH 7.8 InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current…
CVE-2025-35972 2025-11-11 MEDIUM 6.7 Uncontrolled search path for the Intel MPI Library before version 2021.16 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated…
CVE-2025-35971 2025-11-11 HIGH 8.2 Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with…
CVE-2025-35968 2025-11-11 MEDIUM 6.4 Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Startup code and smm adversary with a privileged user…
CVE-2025-35967 2025-11-11 HIGH 7.4 Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with…
CVE-2025-35963 2025-11-11 HIGH 7.4 Insufficient control flow management for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software…
CVE-2025-33202 2025-11-11 MEDIUM 6.5 NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where an attacker could cause a stack overflow by sending extra-large payloads. A successful exploit of this…
CVE-2025-33186 2025-11-11 HIGH 8.8 NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability might lead to escalation of privileges, information disclosure, and data tampering.
CVE-2025-33185 2025-11-11 MEDIUM 5.3 NVIDIA AIStore contains a vulnerability in AuthN where an unauthenticated user may cause information disclosure.  A successful exploit of this vulnerability may lead to information disclosure.
CVE-2025-33178 2025-11-11 HIGH 7.8 NVIDIA NeMo Framework for all platforms contains a vulnerability in the bert services component where malicious data created by an attacker may cause a code injection. A successful…
CVE-2025-33029 2025-11-11 HIGH 7.4 Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with…
CVE-2025-33000 2025-11-11 HIGH 8.8 Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated…
CVE-2025-32732 2025-11-11 MEDIUM 6.6 Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated…
CVE-2025-32449 2025-11-11 MEDIUM 6.7 Unquoted search path for some PRI Driver software before version 03.03.1002 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated…
CVE-2025-32446 2025-11-11 MEDIUM 6.5 Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an…
CVE-2025-32091 2025-11-11 HIGH 8.2 Incorrect default permissions in some firmware for the Intel(R) Arc(TM) B-series GPUs within Ring 1: Device Drivers may allow an escalation of privilege. System software adversary with a…
CVE-2025-32088 2025-11-11 LOW 3.3 Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an…
CVE-2025-32038 2025-11-11 MEDIUM 6.7 Uncontrolled search path for some FPGA Support Package for the Intel oneAPI DPC++C++ Compiler software before version 2025.0.1 within Ring 3: User Applications may allow an escalation of…
CVE-2025-32037 2025-11-11 LOW 2.0 Improper access control for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User Applications may allow a denial of service. Network adversary with a privileged user combined…
CVE-2025-32001 2025-11-11 MEDIUM 6.7 Uncontrolled search path for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an…
CVE-2025-31948 2025-11-11 LOW 3.3 Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with…
« Anterior Página 301 de 3934 Siguiente »