Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2024-23207
2024-01-23
MEDIUM
5.5
This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 10.3, iOS 17.3 and…
CVE-2024-23172
2024-01-12
MEDIUM
5.4
An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before…
CVE-2024-23031
2024-02-01
MEDIUM
6.1
Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via…
CVE-2022-37137
2022-09-14
MEDIUM
5.4
PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during replying the ticket. The XSS can be obtain from injecting…
CVE-2022-34707
2022-08-09
HIGH
7.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-34706
2022-08-09
HIGH
7.8
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2022-34705
2022-08-09
HIGH
7.8
Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-34703
2022-08-09
HIGH
7.8
Windows Partition Management Driver Elevation of Privilege Vulnerability
CVE-2022-34702
2022-08-09
HIGH
8.1
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-34701
2022-08-09
HIGH
7.5
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability
CVE-2024-13254
2025-01-09
HIGH
7.5
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal REST Views allows Forceful Browsing.This issue affects REST Views: from…
CVE-2024-13252
2025-01-09
MEDIUM
5.4
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal TacJS allows Cross-Site Scripting (XSS).This issue affects…
CVE-2025-4887
2025-05-18
MEDIUM
4.3
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Student Clearance System 1.0. Affected by this…
CVE-2025-4886
2025-05-18
HIGH
7.3
A vulnerability classified as critical was found in itsourcecode Sales and Inventory System 1.0. Affected by this vulnerability is an…
CVE-2025-4813
2025-05-16
HIGH
7.3
A vulnerability, which was classified as critical, was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected is an…
CVE-2025-4812
2025-05-16
HIGH
7.3
A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This issue…
CVE-2025-4811
2025-05-16
HIGH
7.3
A vulnerability was found in CodeAstro Pharmacy Management System 1.0. It has been rated as critical. Affected by this issue…
CVE-2024-13253
2025-01-09
CRITICAL
9.1
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows Forceful Browsing.This issue affects Advanced PWA inc Push Notifications:…
CVE-2024-13251
2025-01-09
HIGH
8.8
Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1.
CVE-2025-2676
2025-03-24
HIGH
7.3
A vulnerability, which was classified as critical, was found in PHPGurukul Bank Locker Management System 1.0. This affects an unknown…
CVE-2025-2677
2025-03-24
HIGH
7.3
A vulnerability has been found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. This vulnerability affects unknown…
CVE-2024-13249
2025-01-09
MEDIUM
5.4
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild…
CVE-2024-13248
2025-01-09
MEDIUM
5.5
Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before…
CVE-2025-2678
2025-03-24
HIGH
7.3
A vulnerability was found in PHPGurukul Bank Locker Management System 1.0 and classified as critical. This issue affects some unknown…
CVE-2025-24473
2025-05-28
LOW
3.7
A exposure of sensitive system information to an unauthorized control sphere in Fortinet FortiClientWindows versions 7.2.0 through 7.2.1 may allow…
CVE-2025-25251
2025-05-28
HIGH
7.8
An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a…
CVE-2025-46777
2025-05-28
LOW
2.3
A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0…
CVE-2025-47294
2025-05-28
MEDIUM
5.3
A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote…
CVE-2025-47295
2025-05-28
LOW
3.7
A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may…
CVE-2025-27702
2025-05-28
MEDIUM
4.9
CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access…
CVE-2025-5332
2025-05-29
HIGH
7.3
A vulnerability was found in 1000 Projects Online Notice Board 1.0 and classified as critical. This issue affects some unknown…
CVE-2025-48476
2025-05-30
HIGH
8.8
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when adding and editing user records…
CVE-2025-48477
2025-05-30
HIGH
8.1
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user…
CVE-2025-48478
2025-05-30
MEDIUM
4.9
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, insufficient input validation during user creation…
CVE-2025-48479
2025-05-30
LOW
2.7
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the laravel-translation-manager package does not correctly…
CVE-2025-48480
2025-05-30
LOW
2.7
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an authorized user with the administrator…
CVE-2025-48481
2025-05-30
CRITICAL
9.8
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email…
CVE-2025-48482
2025-05-30
MEDIUM
4.3
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, there is a mass assignment vulnerability.…
CVE-2025-48483
2025-05-30
MEDIUM
5.4
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application is vulnerable to Cross-Site…
CVE-2025-48484
2025-05-30
MEDIUM
5.4
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application is vulnerable to Cross-Site…
CVE-2024-13247
2025-01-09
MEDIUM
4.8
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Coffee allows Cross-Site Scripting (XSS).This issue affects…
CVE-2025-2679
2025-03-24
HIGH
7.3
A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been classified as critical. Affected is an…
CVE-2024-13246
2025-01-09
MEDIUM
5.3
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild…
CVE-2025-2680
2025-03-24
HIGH
7.3
A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been declared as critical. Affected by this…
CVE-2025-5592
2025-06-04
HIGH
7.3
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is…
CVE-2024-23899
2024-01-24
MEDIUM
6.5
Jenkins Git server Plugin 99.va_0826a_b_cdfa_d and earlier does not disable a feature of its command parser that replaces an '@'…
CVE-2022-25708
2022-09-16
CRITICAL
9.8
Memory corruption in WLAN due to buffer copy without checking size of input while parsing keys in Snapdragon Connectivity, Snapdragon…
CVE-2020-36603
2022-09-14
MEDIUM
6.5
The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged…
CVE-2024-13260
2025-01-09
HIGH
8.8
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery.This issue affects Migrate queue importer:…
CVE-2024-13259
2025-01-09
HIGH
7.5
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal Image Sizes allows Forceful Browsing.This issue affects Image Sizes: from…
« Anterior
Página 305 de 3509
Siguiente »
Page load link
Go to Top
