CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-15566 | 2026-02-06 | HIGH | 8.8 | A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the… |
| CVE-2026-1976 | 2026-02-06 | MEDIUM | 5.3 | A weakness has been identified in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes null pointer dereference. The attack is… |
| CVE-2026-1975 | 2026-02-06 | MEDIUM | 5.3 | A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulation results in null pointer dereference. The… |
| CVE-2026-1228 | 2026-02-06 | MEDIUM | 4.3 | The Timeline Block – Beautiful Timeline Builder for WordPress (Vertical & Horizontal Timelines) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to,… |
| CVE-2026-1974 | 2026-02-06 | MEDIUM | 5.3 | A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial of… |
| CVE-2026-1973 | 2026-02-06 | MEDIUM | 5.3 | A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer… |
| CVE-2026-1972 | 2026-02-06 | MEDIUM | 5.3 | A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default credentials.… |
| CVE-2026-1971 | 2026-02-06 | LOW | 2.4 | A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to… |
| CVE-2026-23623 | 2026-02-06 | MEDIUM | 5.3 | Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3,… |
| CVE-2026-24302 | 2026-02-05 | HIGH | 8.6 | Azure Arc Elevation of Privilege Vulnerability |
| CVE-2026-24300 | 2026-02-05 | CRITICAL | 9.8 | Azure Front Door Elevation of Privilege Vulnerability |
| CVE-2026-21532 | 2026-02-05 | HIGH | 8.2 | Azure Function Information Disclosure Vulnerability |
| CVE-2026-0391 | 2026-02-05 | MEDIUM | 6.5 | User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. |
| CVE-2025-68458 | 2026-02-05 | LOW | 3.7 | Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts outside… |
| CVE-2025-68157 | 2026-02-05 | LOW | 3.7 | Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) enforces allowedUris only for the initial URL, but does… |
| CVE-2025-32393 | 2026-02-05 | N/A | 0.0 | AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability… |
| CVE-2026-25815 | 2026-02-05 | LOW | 3.2 | Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 (by default, the encryption… |
| CVE-2026-1970 | 2026-02-05 | LOW | 3.5 | A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup. This manipulation of the argument submit-url causes… |
| CVE-2026-1964 | 2026-02-05 | MEDIUM | 4.3 | A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file models/boards.js of the component REST Endpoint. This manipulation causes improper access… |
| CVE-2026-1963 | 2026-02-05 | MEDIUM | 6.3 | A vulnerability was found in WeKan up to 8.20. This affects an unknown function of the file models/attachments.js of the component Attachment Storage. The manipulation results in improper… |
| CVE-2026-1962 | 2026-02-05 | MEDIUM | 6.3 | A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of the file server/attachmentMigration.js of the component Attachment Migration. The manipulation… |
| CVE-2026-0106 | 2026-02-05 | CRITICAL | 9.3 | In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional… |
| CVE-2026-25698 | 2026-02-06 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2026-25697 | 2026-02-06 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2026-25696 | 2026-02-06 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2026-25695 | 2026-02-06 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2026-25694 | 2026-02-06 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2026-25693 | 2026-02-06 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2026-25692 | 2026-02-06 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2020-37121 | 2026-02-05 | MEDIUM | 5.5 | CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. Attackers can create a malicious… |
| CVE-2025-70792 | 2026-02-05 | MEDIUM | 6.1 | Cross Site Scripting vulnerability in the "/admin/category/create" endpoint of Microweber 2.0.19. An attacker can manipulate the "rel_id" parameter in a crafted URL and lure a user with admin… |
| CVE-2025-70791 | 2026-02-05 | MEDIUM | 6.1 | Cross Site Scripting vulnerability in the "/admin/order/abandoned" endpoint of Microweber 2.0.19. An attacker can manipulate the "orderDirection" parameter in a crafted URL and lure a user with admin… |
| CVE-2025-68722 | 2026-02-05 | HIGH | 8.8 | Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the _s (breadcrumb) parameter.… |
| CVE-2025-68721 | 2026-02-05 | CRITICAL | 9.1 | Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and… |
| CVE-2025-12131 | 2026-02-05 | N/A | 0.0 | A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service. |
| CVE-2026-1301 | 2026-02-05 | N/A | 0.0 | In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write beyond a heap-allocated array before authentication, reliably crashing the process and… |
| CVE-2025-15343 | 2026-02-05 | MEDIUM | 6.5 | Tanium addressed an incorrect default permissions vulnerability in Enforce. |
| CVE-2025-15342 | 2026-02-05 | MEDIUM | 4.3 | Tanium addressed an improper access controls vulnerability in Reputation. |
| CVE-2025-15341 | 2026-02-05 | MEDIUM | 6.5 | Tanium addressed an incorrect default permissions vulnerability in Benchmark. |
| CVE-2025-15340 | 2026-02-05 | MEDIUM | 6.5 | Tanium addressed an incorrect default permissions vulnerability in Comply. |
| CVE-2025-15339 | 2026-02-05 | MEDIUM | 6.5 | Tanium addressed an incorrect default permissions vulnerability in Discover. |
| CVE-2025-15338 | 2026-02-05 | MEDIUM | 6.5 | Tanium addressed an incorrect default permissions vulnerability in Partner Integration. |
| CVE-2025-15337 | 2026-02-05 | MEDIUM | 6.5 | Tanium addressed an incorrect default permissions vulnerability in Patch. |
| CVE-2025-15336 | 2026-02-05 | MEDIUM | 6.5 | Tanium addressed an incorrect default permissions vulnerability in Performance. |
| CVE-2025-15335 | 2026-02-05 | MEDIUM | 4.3 | Tanium addressed an information disclosure vulnerability in Threat Response. |
| CVE-2025-15334 | 2026-02-05 | MEDIUM | 4.3 | Tanium addressed an information disclosure vulnerability in Threat Response. |
| CVE-2025-15333 | 2026-02-05 | MEDIUM | 4.3 | Tanium addressed an information disclosure vulnerability in Threat Response. |
| CVE-2025-15332 | 2026-02-05 | MEDIUM | 4.9 | Tanium addressed an information disclosure vulnerability in Threat Response. |
| CVE-2025-15331 | 2026-02-05 | MEDIUM | 4.3 | Tanium addressed an uncontrolled resource consumption vulnerability in Connect. |
| CVE-2025-15330 | 2026-02-05 | HIGH | 8.8 | Tanium addressed an improper input validation vulnerability in Deploy. |