Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-5162
2025-05-26
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this…
CVE-2025-5161
2025-05-26
MEDIUM
4.3
A vulnerability classified as problematic was found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this vulnerability is the…
CVE-2025-27526
2025-05-28
MEDIUM
6.5
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability which…
CVE-2025-27528
2025-05-28
CRITICAL
9.1
Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows…
CVE-2025-45343
2025-05-28
CRITICAL
9.8
An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the…
CVE-2023-41591
2025-05-29
CRITICAL
9.8
An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle…
CVE-2024-53423
2025-05-29
MEDIUM
5.6
An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted…
CVE-2025-44904
2025-05-30
HIGH
8.8
hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.
CVE-2025-44905
2025-05-30
HIGH
8.8
hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
CVE-2024-31585
2024-04-17
MEDIUM
5.3
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to…
CVE-2025-5360
2025-05-30
HIGH
7.3
A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of…
CVE-2025-5361
2025-05-30
HIGH
7.3
A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. This issue affects…
CVE-2025-5362
2025-05-30
HIGH
7.3
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown…
CVE-2025-5363
2025-05-30
HIGH
7.3
A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this vulnerability…
CVE-2025-5364
2025-05-30
HIGH
7.3
A vulnerability was found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this issue is…
CVE-2025-5365
2025-05-31
HIGH
7.3
A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been classified as critical. This affects an…
CVE-2025-5367
2025-05-31
HIGH
7.3
A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects…
CVE-2024-32228
2024-07-01
MEDIUM
6.6
FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end.
CVE-2025-5368
2025-05-31
MEDIUM
6.3
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects…
CVE-2025-5373
2025-05-31
MEDIUM
6.3
A vulnerability has been found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This vulnerability affects unknown…
CVE-2025-5374
2025-05-31
MEDIUM
6.3
A vulnerability was found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This issue affects some unknown…
CVE-2024-32229
2024-07-01
HIGH
8.4
FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column.
CVE-2025-5375
2025-05-31
MEDIUM
6.3
A vulnerability was found in PHPGurukul HPGurukul Online Birth Certificate System 2.0. It has been classified as critical. Affected is…
CVE-2024-31581
2024-04-17
CRITICAL
9.8
FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers…
CVE-2023-43843
2024-05-28
HIGH
7.3
Incorrect access control in the account management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated…
CVE-2023-43842
2024-05-28
HIGH
7.3
Incorrect access control in the account management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated…
CVE-2024-23059
2024-01-11
CRITICAL
9.8
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.
CVE-2024-22942
2024-01-11
CRITICAL
9.8
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.
CVE-2024-22164
2024-01-09
MEDIUM
4.3
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service…
CVE-2024-22368
2024-01-09
MEDIUM
5.5
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This…
CVE-2024-21773
2024-01-11
HIGH
8.8
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to…
CVE-2024-22087
2024-01-05
CRITICAL
9.8
route in main.c in Pico HTTP Server in C through f3b69a6 has an sprintf stack-based buffer overflow via a long…
CVE-2024-22049
2024-01-04
MEDIUM
5.3
httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. A remote and unauthenticated attacker can provide a crafted…
CVE-2024-21909
2024-01-03
HIGH
7.5
PeterO.Cbor versions 4.0.0 through 4.5.0 are vulnerable to a denial of service vulnerability. An attacker may trigger the denial of…
CVE-2024-21732
2024-01-01
MEDIUM
6.1
FlyCms through abbaa5a allows XSS via the permission management feature.
CVE-2024-20805
2024-01-04
LOW
3.3
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and…
CVE-2024-0333
2024-01-10
MEDIUM
5.3
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to…
CVE-2023-6830
2024-01-09
MEDIUM
6.5
The Formidable Forms plugin for WordPress is vulnerable to HTML injection in versions up to, and including, 6.7. This vulnerability…
CVE-2023-6984
2024-01-03
MEDIUM
5.3
The PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress is vulnerable to Cross-Site Request Forgery in…
CVE-2023-6506
2024-01-11
MEDIUM
4.3
The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all…
CVE-2023-6223
2024-01-11
MEDIUM
4.3
The LearnPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.5.7…
CVE-2023-6528
2024-01-08
HIGH
8.8
The Slider Revolution WordPress plugin before 6.6.19 does not prevent users with at least the Author role from unserializing arbitrary…
CVE-2023-6551
2024-01-04
MEDIUM
5.4
As a simple library, class.upload.php does not perform an in-depth check on uploaded files, allowing a stored XSS vulnerability when…
CVE-2023-6600
2024-01-03
HIGH
8.6
The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress is vulnerable to unauthorized modification of data and…
CVE-2023-6158
2024-01-10
MEDIUM
6.5
The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to unauthorized modification of data and loss…
CVE-2023-6139
2024-01-08
MEDIUM
6.5
The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among…
CVE-2023-6042
2024-01-08
HIGH
7.5
Any unauthenticated user may send e-mail from the site with any title or content to the admin
CVE-2023-52323
2024-01-05
MEDIUM
5.9
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
CVE-2023-5877
2024-01-01
CRITICAL
9.8
The affiliate-toolkit WordPress plugin before 3.4.3 lacks authorization and authentication for requests to it's affiliate-toolkit-starter/tools/atkp_imagereceiver.php endpoint, allowing unauthenticated visitors to…
CVE-2023-52064
2024-01-10
CRITICAL
9.8
Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the $keywords parameter at /core/admin/copyfrom.php.
« Anterior
Página 316 de 3511
Siguiente »
Page load link
Go to Top
