Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-23102
2025-06-03
HIGH
8.8
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, and 1380. A…
CVE-2025-5520
2025-06-03
MEDIUM
5.3
A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication…
CVE-2025-5516
2025-06-03
LOW
2.4
A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the…
CVE-2025-5515
2025-06-03
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some…
CVE-2025-5513
2025-06-03
LOW
3.5
A vulnerability has been found in quequnlong shiyi-blog up to 1.2.1 and classified as problematic. Affected by this vulnerability is…
CVE-2025-30360
2025-06-03
MEDIUM
6.5
webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users'…
CVE-2025-30359
2025-06-03
MEDIUM
5.3
webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users'…
CVE-2025-5512
2025-06-03
HIGH
7.3
A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1. Affected is an unknown function…
CVE-2025-5511
2025-06-03
MEDIUM
5.3
A vulnerability, which was classified as critical, has been found in quequnlong shiyi-blog up to 1.2.1. This issue affects some…
CVE-2025-5510
2025-06-03
MEDIUM
6.3
A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This vulnerability affects unknown code of the…
CVE-2025-32106
2025-06-03
CRITICAL
9.8
In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result in an unauthenticated remote user's ability to…
CVE-2025-32105
2025-06-03
CRITICAL
9.8
A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code…
CVE-2025-30167
2025-06-03
HIGH
7.3
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version…
CVE-2025-23107
2025-06-03
HIGH
8.6
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to…
CVE-2025-5509
2025-06-03
MEDIUM
6.3
A vulnerability classified as critical has been found in quequnlong shiyi-blog up to 1.2.1. This affects an unknown part of…
CVE-2025-5508
2025-06-03
LOW
2.4
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as problematic. Affected by this issue is some…
CVE-2025-5507
2025-06-03
LOW
2.4
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is an…
CVE-2025-45854
2025-06-03
CRITICAL
10.0
/server/executeExec of JEHC-BPM 2.0.1 allows attackers to execute arbitrary code via execParams.
CVE-2025-44148
2025-06-03
CRITICAL
9.8
Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to execute arbitrary code via the failure.aspx…
CVE-2025-25022
2025-06-03
CRITICAL
9.6
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an unauthenticated…
CVE-2025-25021
2025-06-03
HIGH
7.2
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a privileged…
CVE-2025-25020
2025-06-03
MEDIUM
6.5
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an authenticated…
CVE-2025-25019
2025-06-03
MEDIUM
4.8
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not invalidate session…
CVE-2025-23103
2025-06-03
HIGH
8.6
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to…
CVE-2025-1334
2025-06-03
MEDIUM
4.0
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 allows web pages to…
CVE-2025-5506
2025-06-03
LOW
2.4
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of…
CVE-2025-5505
2025-06-03
LOW
2.4
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the…
CVE-2025-5504
2025-06-03
MEDIUM
6.3
A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the…
CVE-2025-5503
2025-06-03
HIGH
8.8
A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. This affects the function formMapReboot of the…
CVE-2025-43925
2025-06-03
MEDIUM
4.6
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier…
CVE-2025-36564
2025-06-03
HIGH
7.8
Dell Encryption Admin Utilities versions prior to 11.10.2 contain an Improper Link Resolution vulnerability. A local malicious user could potentially…
CVE-2024-45655
2025-06-03
MEDIUM
5.5
IBM Application Gateway 19.12 through 24.09 could allow a local privileged user to perform unauthorized actions due to incorrect permissions…
CVE-2025-5502
2025-06-03
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in TOTOLINK X15 1.0.0-B20230714.1105. Affected by this issue is the…
CVE-2025-5501
2025-06-03
MEDIUM
5.3
A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_handle_path_switch_request_transfer…
CVE-2025-5499
2025-06-03
HIGH
7.3
A vulnerability classified as critical has been found in slackero phpwcms up to 1.9.45/1.10.8. Affected is the function is_file/getimagesize of…
CVE-2025-5498
2025-06-03
MEDIUM
5.5
A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It has been rated as critical. This issue affects the…
CVE-2025-46154
2025-06-03
HIGH
8.4
Foxcms v1.25 has a SQL time injection in the $_POST['dbname'] parameter of installdb.php.
CVE-2025-45855
2025-06-03
MEDIUM
5.4
An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading…
CVE-2025-5497
2025-06-03
MEDIUM
6.3
A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It has been declared as critical. This vulnerability affects unknown…
CVE-2025-5495
2025-06-03
HIGH
7.3
A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical. This affects an unknown part of…
CVE-2025-4517
2025-06-03
CRITICAL
9.4
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using…
CVE-2025-4435
2025-06-03
HIGH
7.5
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be…
CVE-2025-4330
2025-06-03
HIGH
7.5
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of…
CVE-2025-4138
2025-06-03
HIGH
7.5
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of…
CVE-2024-12718
2025-06-03
MEDIUM
5.3
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory.…
CVE-2025-5340
2025-06-03
MEDIUM
6.4
The Music Player for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘album_buy_url’ parameter in all…
CVE-2025-4671
2025-06-03
MEDIUM
6.4
The Profile Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's user_meta and compare shortcodes in…
CVE-2025-4205
2025-06-03
MEDIUM
6.4
The Popup Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘popupID' parameter in all versions up…
CVE-2025-5493
2025-06-03
MEDIUM
6.3
A vulnerability was found in Baison Channel Middleware Product 2.0.1 and classified as critical. Affected by this issue is some…
CVE-2025-5492
2025-06-03
MEDIUM
6.3
A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is…
« Anterior
Página 308 de 3509
Siguiente »
Page load link
Go to Top
