Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2024-1348
2024-05-02
MEDIUM
6.4
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom…
CVE-2025-2545
2025-05-05
N/A
0.0
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used…
CVE-2025-47905
2025-05-13
MEDIUM
5.4
Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because…
CVE-2024-51754
2024-11-06
LOW
2.2
Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if…
CVE-2025-5147
2025-05-25
MEDIUM
6.3
A vulnerability was found in Netcore NBR1005GPEV2, NBR200V2 and B6V2 up to 20250508 and classified as critical. This issue affects…
CVE-2025-5146
2025-05-25
MEDIUM
6.3
A vulnerability has been found in Netcore NBR1005GPEV2, B6V2, COVER5, NAP830, NAP930, NBR100V2 and NBR200V2 up to 20250508 and classified…
CVE-2025-32911
2025-04-15
CRITICAL
9.0
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to…
CVE-2025-32910
2025-04-14
MEDIUM
6.5
A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the…
CVE-2025-32909
2025-04-14
MEDIUM
5.3
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The…
CVE-2025-32913
2025-04-14
HIGH
7.5
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows…
CVE-2025-32907
2025-04-14
MEDIUM
5.3
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This…
CVE-2025-32906
2025-04-14
HIGH
7.5
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows…
CVE-2025-32053
2025-04-03
MEDIUM
6.5
A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.
CVE-2025-32052
2025-04-03
MEDIUM
6.5
A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.
CVE-2025-32050
2025-04-03
MEDIUM
5.9
A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.
CVE-2025-47287
2025-05-15
HIGH
7.5
Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a…
CVE-2025-0921
2025-05-15
MEDIUM
6.5
Execution with Unnecessary Privileges vulnerability in the Pager agent of multi-agent notification feature in Mitsubishi Electric Iconics Digital Solutions GENESIS64…
CVE-2021-28423
2021-07-01
HIGH
8.8
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 thru 2.1 allow remote authenticated users to execute arbitrary SQL…
CVE-2023-51756
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-51753
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-50338
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-49904
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-49604
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-49139
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-49137
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-48726
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2023-29857
2023-05-18
MEDIUM
5.3
An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link.
CVE-2022-23126
2022-01-24
CRITICAL
9.8
TeslaMate before 1.25.1 (when using the default Docker configuration) allows attackers to open doors of Tesla vehicles, start Keyless Driving,…
CVE-2022-44581
2024-05-17
MEDIUM
5.0
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue…
CVE-2024-37444
2024-11-01
MEDIUM
5.3
Missing Authorization vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security:…
CVE-2024-25595
2024-05-17
MEDIUM
5.3
Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows Functionality Bypass.This issue affects Defender Security: from n/a through…
CVE-2024-13484
2025-01-28
HIGH
8.2
A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance,…
CVE-2025-47851
2025-05-20
MEDIUM
4.8
In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible
CVE-2025-47852
2025-05-20
MEDIUM
4.8
In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible
CVE-2025-47853
2025-05-20
MEDIUM
4.8
In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible
CVE-2025-47854
2025-05-20
MEDIUM
4.3
In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page
CVE-2025-3243
2025-04-04
MEDIUM
6.3
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown…
CVE-2025-3304
2025-04-05
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. This affects an unknown…
CVE-2025-3347
2025-04-07
MEDIUM
6.3
A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part…
CVE-2025-3348
2025-04-07
MEDIUM
6.3
A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. This vulnerability affects unknown code of…
CVE-2025-3685
2025-04-16
MEDIUM
6.3
A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function…
CVE-2025-4214
2025-05-02
HIGH
7.3
A vulnerability was found in PHPGuruku Online DJ Booking Management System 1.0 and classified as critical. This issue affects some…
CVE-2025-3258
2025-04-04
HIGH
7.3
A vulnerability classified as critical was found in PHPGurukul Old Age Home Management System 1.0. This vulnerability affects unknown code…
CVE-2025-3311
2025-04-06
HIGH
7.3
A vulnerability classified as critical was found in PHPGurukul Men Salon Management System 1.0. This vulnerability affects unknown code of…
CVE-2024-50419
2024-10-30
MEDIUM
5.4
Incorrect Authorization vulnerability in Wpsoul Greenshift – animation and page builder blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2024-48426
2024-10-24
MEDIUM
6.2
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The…
CVE-2024-48343
2024-10-25
MEDIUM
6.3
A SQL Injection vulnerability in ESAFENET CDG 5 and earlier allows an attacker to execute arbitrary code via the id…
CVE-2024-10233
2024-10-29
MEDIUM
6.4
The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sa_subscribe…
CVE-2024-9613
2024-10-26
MEDIUM
6.1
The FormFacade – WordPress plugin for Google Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'userId'…
CVE-2025-3689
2025-04-16
HIGH
7.3
A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as critical. This vulnerability affects unknown…
« Anterior
Página 346 de 3516
Siguiente »
Page load link
Go to Top
