CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2021-47037 | 2024-02-28 | MEDIUM | 5.5 | In the Linux kernel, the following vulnerability has been resolved: ASoC: q6afe-clocks: fix reprobing of the driver Q6afe-clocks driver can… |
| CVE-2025-37782 | 2025-05-01 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| CVE-2024-6538 | 2024-11-25 | MEDIUM | 5.3 | A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies… |
| CVE-2025-37832 | 2025-05-08 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| CVE-2025-4948 | 2025-05-19 | HIGH | 7.5 | A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and… |
| CVE-2025-32914 | 2025-04-14 | HIGH | 7.4 | A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a… |
| CVE-2025-32049 | 2025-04-03 | HIGH | 7.5 | A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate… |
| CVE-2025-2784 | 2025-04-03 | HIGH | 7.0 | A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the… |
| CVE-2025-49210 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49209 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49208 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49207 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49206 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49205 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49204 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49203 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-49202 | 2025-06-04 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-24859 | 2025-04-14 | HIGH | 8.8 | A session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after… |
| CVE-2024-34750 | 2024-07-03 | HIGH | 7.5 | Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not… |
| CVE-2024-27181 | 2024-08-02 | HIGH | 8.8 | In Apache Linkis |
| CVE-2024-38479 | 2024-11-14 | HIGH | 7.5 | Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0… |
| CVE-2024-45034 | 2024-09-07 | HIGH | 8.8 | Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add local settings to the DAG folder and… |
| CVE-2024-45498 | 2024-09-07 | HIGH | 8.8 | Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG… |
| CVE-2024-45784 | 2024-11-15 | HIGH | 7.5 | Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows… |
| CVE-2024-45033 | 2025-01-08 | HIGH | 8.1 | Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user… |
| CVE-2025-27018 | 2025-03-19 | MEDIUM | 6.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow MySQL Provider. When user… |
| CVE-2024-31309 | 2024-04-10 | HIGH | 7.5 | HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9,… |
| CVE-2021-32030 | 2021-05-06 | CRITICAL | 9.8 | The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_384_46630 allows authentication bypass when processing remote… |
| CVE-2024-23222 | 2024-01-23 | HIGH | 8.8 | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS… |
| CVE-2025-35939 | 2025-05-07 | MEDIUM | 5.3 | Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly… |
| CVE-2023-39780 | 2023-09-11 | HIGH | 8.8 | On ASUS RT-AX55 3.0.0.4.386.51598 devices, authenticated attackers can perform OS command injection via the /start_apply.htm qos_bw_rulelist parameter. NOTE: for the… |
| CVE-2025-31200 | 2025-04-16 | HIGH | 7.5 | A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS… |
| CVE-2024-56145 | 2024-12-18 | CRITICAL | 9.8 | Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions… |
| CVE-2025-3935 | 2025-04-25 | HIGH | 8.1 | ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState… |
| CVE-2024-23550 | 2024-02-03 | MEDIUM | 6.2 | HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent. |
| CVE-2024-23553 | 2024-02-02 | LOW | 3.0 | A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform exists due to missing a specific… |
| CVE-2024-23741 | 2024-01-28 | CRITICAL | 9.8 | An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode… |
| CVE-2024-22022 | 2024-02-07 | HIGH | 8.8 | Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash… |
| CVE-2024-22241 | 2024-02-06 | MEDIUM | 4.3 | Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload… |
| CVE-2024-22238 | 2024-02-06 | MEDIUM | 6.4 | Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject… |
| CVE-2024-21888 | 2024-01-31 | HIGH | 8.8 | A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows… |
| CVE-2024-22236 | 2024-01-31 | LOW | 3.3 | In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10,… |
| CVE-2024-20979 | 2024-01-16 | MEDIUM | 5.4 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0,… |
| CVE-2024-20971 | 2024-01-16 | MEDIUM | 4.9 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and… |
| CVE-2024-20969 | 2024-01-16 | MEDIUM | 5.5 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and… |
| CVE-2024-20959 | 2024-01-16 | MEDIUM | 4.4 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected… |
| CVE-2024-20955 | 2024-01-16 | LOW | 3.7 | Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions… |
| CVE-2024-21673 | 2024-01-16 | HIGH | 8.8 | This High severity Remote Code Execution (RCE) vulnerability was introduced in versions 7.13.0 of Confluence Data Center and Server. Remote… |
| CVE-2024-1143 | 2024-02-02 | CRITICAL | 9.3 | Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user… |
| CVE-2024-20938 | 2024-01-16 | MEDIUM | 6.1 | Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Supported versions that are affected are 12.2.3-12.2.13. Easily… |