Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-48871
2025-05-30
N/A
0.0
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-47056. Reason: This candidate is a duplicate of…
CVE-2025-48870
2025-05-30
N/A
0.0
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-47057. Reason: This candidate is a duplicate of…
CVE-2024-22643
2024-01-30
MEDIUM
6.5
A Cross-Site Request Forgery (CSRF) vulnerability in SEO Panel version 4.10.0 allows remote attackers to perform unauthorized user password resets.
CVE-2023-28484
2023-04-24
MEDIUM
6.5
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a…
CVE-2022-43680
2022-10-24
HIGH
7.5
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in…
CVE-2022-40674
2022-09-14
HIGH
8.1
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
CVE-2022-37434
2022-08-05
CRITICAL
9.8
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header…
CVE-2022-26764
2022-05-26
MEDIUM
4.7
A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey…
CVE-2022-26763
2022-05-26
HIGH
7.8
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and…
CVE-2022-26761
2022-05-26
HIGH
7.8
A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS…
CVE-2022-25313
2022-02-18
MEDIUM
6.5
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in…
CVE-2020-12762
2020-05-09
HIGH
7.8
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
CVE-2024-21309
2024-01-09
HIGH
7.8
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-39479
2024-07-05
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: drm/i915/hwmon: Get rid of devm When both hwmon and hwmon…
CVE-2024-39291
2024-06-24
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() The…
CVE-2024-39277
2024-06-21
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: handle NUMA_NO_NODE correctly cpumask_of_node() can be called for…
CVE-2024-38667
2024-06-24
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: riscv: prevent pt_regs corruption for secondary idle threads Top of…
CVE-2024-38664
2024-06-24
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_dpsub: Always register bridge We must always register the…
CVE-2024-22569
2024-01-31
MEDIUM
5.4
Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute arbitrary code via a crafted payload to /index.php?c=install&m=index&step=2&is_install_db=0.
CVE-2024-24332
2024-01-30
CRITICAL
9.8
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the url parameter in the setUrlFilterRules function.
CVE-2022-26770
2022-05-26
HIGH
7.8
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS…
CVE-2022-26769
2022-05-26
HIGH
7.8
A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS…
CVE-2022-26768
2022-05-26
HIGH
7.8
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6,…
CVE-2022-26767
2022-05-26
MEDIUM
5.5
The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6.…
CVE-2022-26766
2022-05-26
MEDIUM
5.5
A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS…
CVE-2022-26765
2022-05-26
MEDIUM
4.7
A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey…
CVE-2021-38604
2021-08-12
HIGH
7.5
In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL…
CVE-2022-40482
2023-04-25
MEDIUM
5.3
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless…
CVE-2025-5025
2025-05-28
MEDIUM
4.8
libcurl supports *pinning* of the server certificate public key for HTTPS transfers. Due to an omission, this check is not…
CVE-2025-47748
2025-05-28
MEDIUM
5.3
Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.
CVE-2025-48746
2025-05-28
MEDIUM
6.5
Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function.
CVE-2025-48416
2025-05-21
HIGH
8.1
An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware…
CVE-2024-7097
2025-05-30
MEDIUM
4.3
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows…
CVE-2024-57336
2025-05-28
MEDIUM
6.5
Incorrect access control in M2Soft CROWNIX Report & ERS affected v7.x to v7.4.3.599 and v8.x to v8.0.3.79 allows unauthorized attackers…
CVE-2024-27199
2024-03-04
HIGH
7.3
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
CVE-2022-32810
2022-08-24
HIGH
7.8
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, iOS 15.6…
CVE-2022-32793
2022-08-24
HIGH
7.5
Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7,…
CVE-2022-26776
2022-05-26
CRITICAL
9.8
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An…
CVE-2022-26775
2022-05-26
CRITICAL
9.8
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey…
CVE-2022-26774
2022-05-26
HIGH
7.8
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local…
CVE-2022-26773
2022-05-26
HIGH
7.1
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application…
CVE-2022-26772
2022-05-26
HIGH
7.8
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application…
CVE-2022-26771
2022-05-26
HIGH
7.8
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS…
CVE-2024-20082
2024-08-14
CRITICAL
9.8
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code…
CVE-2024-20083
2024-08-14
CRITICAL
9.8
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to…
CVE-2025-40573
2025-05-13
MEDIUM
4.4
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks. This…
CVE-2025-40575
2025-05-13
MEDIUM
4.3
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets.…
CVE-2025-40582
2025-05-13
HIGH
7.8
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices…
CVE-2025-40583
2025-05-13
MEDIUM
4.4
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices…
CVE-2023-40490
2024-05-07
HIGH
7.8
Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…
« Anterior
Página 331 de 3514
Siguiente »
Page load link
Go to Top
