CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2025-5539 | 2025-06-04 | MEDIUM | 6.4 | The Simple Contact Form Plugin for WordPress – WP Easy Contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting… |
| CVE-2025-20996 | 2025-06-04 | MEDIUM | 5.0 | Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with… |
| CVE-2025-20995 | 2025-06-04 | MEDIUM | 4.9 | Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local… |
| CVE-2025-20994 | 2025-06-04 | MEDIUM | 4.5 | Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local… |
| CVE-2025-20993 | 2025-06-04 | MEDIUM | 4.0 | Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory. |
| CVE-2025-20992 | 2025-06-04 | MEDIUM | 4.0 | Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory. |
| CVE-2025-20991 | 2025-06-04 | MEDIUM | 4.0 | Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices… |
| CVE-2025-20989 | 2025-06-04 | MEDIUM | 5.2 | Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key. |
| CVE-2025-20988 | 2025-06-04 | MEDIUM | 5.5 | Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. |
| CVE-2025-20987 | 2025-06-04 | MEDIUM | 5.2 | Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token. |
| CVE-2025-20986 | 2025-06-04 | MEDIUM | 5.5 | Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots. |
| CVE-2025-20985 | 2025-06-04 | MEDIUM | 5.5 | Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items. |
| CVE-2025-20984 | 2025-06-04 | MEDIUM | 6.8 | Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access… |
| CVE-2025-20981 | 2025-06-04 | MEDIUM | 6.2 | Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information. |
| CVE-2024-31127 | 2025-06-04 | HIGH | 7.3 | An improper verification of a loaded library in Zscaler Client Connector on Mac < 4.2.0.241 may allow a local attacker… |
| CVE-2025-5560 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been classified as critical. Affected is an… |
| CVE-2025-5558 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Teacher Subject Allocation Management System 1.0 and classified as critical. This issue affects some… |
| CVE-2025-5557 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability has been found in PHPGurukul Teacher Subject Allocation Management System 1.0 and classified as critical. This vulnerability affects… |
| CVE-2025-5556 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in PHPGurukul Teacher Subject Allocation Management System 1.0. This affects an… |
| CVE-2025-5532 | 2025-06-04 | MEDIUM | 6.4 | The Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site… |
| CVE-2025-5531 | 2025-06-04 | MEDIUM | 6.4 | The Employee Directory – Staff Listing & Team Directory Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site… |
| CVE-2025-5554 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in PHPGurukul Rail Pass Management System 1.0. Affected by this… |
| CVE-2025-5553 | 2025-06-04 | HIGH | 7.3 | A vulnerability classified as critical was found in PHPGurukul Rail Pass Management System 1.0. Affected by this vulnerability is an… |
| CVE-2025-5552 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability was found in ChestnutCMS up to 15.1. It has been declared as critical. This vulnerability affects unknown code… |
| CVE-2025-49223 | 2025-06-04 | CRITICAL | 9.8 | billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute… |
| CVE-2025-5551 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. This affects an unknown part… |
| CVE-2025-5550 | 2025-06-04 | HIGH | 7.3 | A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this issue is some unknown… |
| CVE-2025-5549 | 2025-06-04 | HIGH | 7.3 | A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. Affected by this vulnerability is an… |
| CVE-2025-5548 | 2025-06-04 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. Affected is an unknown function of… |
| CVE-2025-5547 | 2025-06-04 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. This issue affects some unknown… |
| CVE-2025-5546 | 2025-06-04 | MEDIUM | 6.3 | A vulnerability classified as critical was found in PHPGurukul Daily Expense Tracker System 1.1. This vulnerability affects unknown code of… |
| CVE-2025-5545 | 2025-06-04 | MEDIUM | 4.3 | A vulnerability classified as problematic has been found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. This affects the function image of… |
| CVE-2025-5544 | 2025-06-03 | MEDIUM | 4.3 | A vulnerability was found in aaluoxiang oa_system up to 5b445a6227b51cee287bd0c7c33ed94b801a82a5. It has been rated as problematic. Affected by this issue… |
| CVE-2025-5543 | 2025-06-03 | LOW | 2.4 | A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been declared as problematic. Affected by this vulnerability is an… |
| CVE-2025-5542 | 2025-06-03 | LOW | 2.4 | A vulnerability was found in TOTOLINK X2000R 1.0.0-B20230726.1108. It has been classified as problematic. Affected is an unknown function of… |
| CVE-2025-5527 | 2025-06-03 | HIGH | 8.8 | A vulnerability was found in Tenda RX3 16.03.13.11_multi_TDE01. It has been rated as critical. This issue affects the function save_staticroute_data… |
| CVE-2025-49002 | 2025-06-03 | N/A | 0.0 | DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in… |
| CVE-2025-49001 | 2025-06-03 | N/A | 0.0 | DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take… |
| CVE-2025-49000 | 2025-06-03 | LOW | 3.5 | InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in `label-sheet` plugin… |
| CVE-2025-48999 | 2025-06-03 | N/A | 0.0 | DataEase is an open source business intelligence and data visualization tool. A bypass of CVE-2025-46566's patch exists in versions prior… |
| CVE-2025-5525 | 2025-06-03 | MEDIUM | 5.6 | A vulnerability was found in Jrohy trojan up to 2.15.3. It has been declared as critical. This vulnerability affects the… |
| CVE-2025-5523 | 2025-06-03 | LOW | 3.5 | A vulnerability classified as problematic has been found in enilu web-flash 1.0. This affects the function fileService.upload of the file… |
| CVE-2025-35036 | 2025-06-03 | HIGH | 7.3 | Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a… |
| CVE-2025-5522 | 2025-06-03 | HIGH | 7.3 | A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by… |
| CVE-2025-5521 | 2025-06-03 | MEDIUM | 4.3 | A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an… |
| CVE-2025-48998 | 2025-06-03 | N/A | 0.0 | DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass of the patch… |
| CVE-2025-48997 | 2025-06-03 | N/A | 0.0 | Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to… |
| CVE-2025-48953 | 2025-06-03 | MEDIUM | 5.5 | Umbraco is an ASP.NET content management system (CMS). Starting in version 14.0.0 and prior to versions 15.4.2 and 16.0.0, it's… |
| CVE-2025-48950 | 2025-06-03 | N/A | 0.0 | MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary… |
| CVE-2025-23102 | 2025-06-03 | HIGH | 8.8 | An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, and 1380. A… |