Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-21479
2025-06-03
HIGH
8.6
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVE-2025-5581
2025-06-04
HIGH
7.3
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects…
CVE-2025-5582
2025-06-04
MEDIUM
6.3
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects…
CVE-2025-5583
2025-06-04
HIGH
7.3
A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function…
CVE-2025-5580
2025-06-04
HIGH
7.3
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an…
CVE-2024-33526
2024-05-21
HIGH
7.1
A Stored Cross-site Scripting (XSS) vulnerability in the "Import of user role and title of user role" feature in ILIAS…
CVE-2024-33527
2024-05-21
MEDIUM
5.4
A Stored Cross-site Scripting (XSS) vulnerability in the "Import of Users and login name of user" feature in ILIAS 7…
CVE-2024-33528
2024-05-21
MEDIUM
4.7
A Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers…
CVE-2024-33529
2024-05-21
HIGH
7.2
ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative…
CVE-2024-48905
2025-05-01
CRITICAL
9.1
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.
CVE-2024-48906
2025-05-01
MEDIUM
6.1
Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name.
CVE-2024-48907
2025-05-01
HIGH
7.5
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API.
CVE-2023-35712
2024-05-03
HIGH
7.8
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…
CVE-2023-35710
2024-05-03
HIGH
7.8
Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected…
CVE-2025-45800
2025-05-02
CRITICAL
9.8
TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the setDeviceName interface of the /lib/cste_modules/global.so library, specifically in the processing…
CVE-2025-44900
2025-05-06
MEDIUM
6.5
In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads…
CVE-2025-44899
2025-05-06
CRITICAL
9.8
There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasic function of the web url /goform/ WifiGuestSet,…
CVE-2024-36650
2024-06-11
HIGH
7.5
TOTOLINK AC1200 Wireless Dual Band Gigabit Router firmware A3100R V4.1.2cu.5247_B20211129, in the cgi function `setNoticeCfg` of the file `/lib/cste_modules/system.so`, the…
CVE-2025-21480
2025-06-03
HIGH
8.6
Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
CVE-2023-34302
2024-05-03
HIGH
7.8
Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
CVE-2025-27038
2025-06-03
HIGH
7.5
Memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
CVE-2024-32674
2024-05-08
MEDIUM
5.4
Heateor Social Login WordPress prior to 1.1.32 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script…
CVE-2024-27731
2024-08-15
MEDIUM
6.1
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file…
CVE-2024-27730
2024-08-15
CRITICAL
9.8
Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the…
CVE-2024-27728
2024-08-15
MEDIUM
6.1
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the text parameter of…
CVE-2025-5688
2025-06-04
N/A
0.0
We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS…
CVE-2025-5596
2025-06-04
HIGH
7.3
A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function…
CVE-2025-5595
2025-06-04
HIGH
7.3
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of…
CVE-2025-20279
2025-06-04
MEDIUM
4.8
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a…
CVE-2025-20278
2025-06-04
MEDIUM
6.0
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary…
CVE-2025-20277
2025-06-04
LOW
3.4
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary…
CVE-2025-20276
2025-06-04
LOW
3.8
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary…
CVE-2025-20275
2025-06-04
MEDIUM
5.3
A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated…
CVE-2025-20273
2025-06-04
MEDIUM
6.1
A vulnerability in the web-based management interface of Cisco Unified Intelligent Contact Management Enterprise could allow an unauthenticated, remote attacker…
CVE-2025-20261
2025-06-04
HIGH
8.8
A vulnerability in the SSH connection handling of Cisco Integrated Management Controller (IMC) for Cisco UCS B-Series, UCS C-Series, UCS…
CVE-2025-20259
2025-06-04
MEDIUM
5.3
Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to…
CVE-2025-20163
2025-06-04
HIGH
8.7
A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to…
CVE-2025-20130
2025-06-04
MEDIUM
4.9
A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow…
CVE-2025-20129
2025-06-04
MEDIUM
4.3
A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated,…
CVE-2024-46278
2024-10-07
HIGH
8.4
Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console.
CVE-2023-32167
2024-05-03
MEDIUM
6.5
D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability. This vulnerability allows remote attackers to create and delete…
CVE-2024-52711
2024-11-19
MEDIUM
5.7
DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter.
CVE-2024-39963
2024-07-19
HIGH
8.0
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered…
CVE-2024-41281
2024-07-19
HIGH
8.8
Linksys WRT54G v4.21.5 has a stack overflow vulnerability in get_merge_mac function.
CVE-2024-8521
2024-09-07
MEDIUM
4.3
A vulnerability, which was classified as problematic, was found in Wavelog up to 1.8.0. Affected is the function index of…
CVE-2024-8023
2024-08-21
MEDIUM
6.3
A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file…
CVE-2024-13244
2025-01-09
HIGH
8.8
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate Tools allows Cross Site Request Forgery.This issue affects Migrate Tools: from 0.0.0…
CVE-2024-41726
2024-07-29
HIGH
7.5
Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary executable file…
CVE-2024-41139
2024-07-29
HIGH
7.8
Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to…
CVE-2024-10076
2025-05-15
MEDIUM
5.9
The Jetpack WordPress plugin before 13.8, Jetpack Boost WordPress plugin before 3.4.8 use regexes in the Site Accelerator features when…
« Anterior
Página 303 de 3509
Siguiente »
Page load link
Go to Top
