Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2024-50419
2024-10-30
MEDIUM
5.4
Incorrect Authorization vulnerability in Wpsoul Greenshift – animation and page builder blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2024-48426
2024-10-24
MEDIUM
6.2
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The…
CVE-2024-48343
2024-10-25
MEDIUM
6.3
A SQL Injection vulnerability in ESAFENET CDG 5 and earlier allows an attacker to execute arbitrary code via the id…
CVE-2024-10233
2024-10-29
MEDIUM
6.4
The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sa_subscribe…
CVE-2024-9613
2024-10-26
MEDIUM
6.1
The FormFacade – WordPress plugin for Google Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'userId'…
CVE-2025-3689
2025-04-16
HIGH
7.3
A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as critical. This vulnerability affects unknown…
CVE-2024-39635
2024-11-01
MEDIUM
5.4
Missing Authorization vulnerability in KaineLabs Youzify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Youzify: from n/a through…
CVE-2025-2608
2025-03-21
MEDIUM
6.3
A vulnerability classified as critical has been found in PHPGurukul Banquet Booking System 1.2. This affects an unknown part of…
CVE-2024-48061
2024-11-04
CRITICAL
9.8
langflow
CVE-2025-4213
2025-05-02
HIGH
7.3
A vulnerability has been found in PHPGurukul Online Birth Certificate System 1.0 and classified as critical. This vulnerability affects unknown…
CVE-2025-3728
2025-04-16
MEDIUM
5.3
A vulnerability classified as critical was found in SourceCodester Simple Hotel Booking System 1.0. This vulnerability affects the function Login.…
CVE-2025-3928
2025-04-25
HIGH
8.8
Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault…
CVE-2024-9926
2024-11-07
MEDIUM
4.3
The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such…
CVE-2024-50966
2024-11-08
CRITICAL
9.3
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addAdmin.
CVE-2024-10625
2024-11-09
CRITICAL
9.8
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation…
CVE-2024-10626
2024-11-09
HIGH
8.8
The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation…
CVE-2025-5224
2025-05-27
HIGH
7.3
A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function…
CVE-2024-45478
2025-01-21
MEDIUM
4.8
Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to…
CVE-2024-45479
2025-01-21
CRITICAL
9.1
SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade…
CVE-2024-56923
2025-01-22
MEDIUM
5.4
Stored Cross-Site Scripting (XSS) Vulnerability in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.3.1
CVE-2025-0357
2025-01-25
CRITICAL
9.8
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'WPB_Profile_controller::handle_image_upload'…
CVE-2024-12113
2025-01-25
MEDIUM
4.3
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to…
CVE-2025-5225
2025-05-27
HIGH
7.3
A vulnerability, which was classified as critical, was found in Campcodes Advanced Online Voting System 1.0. This affects an unknown…
CVE-2025-5229
2025-05-27
HIGH
7.3
A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been rated as critical. Affected by this…
CVE-2025-5246
2025-05-27
HIGH
7.3
A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of…
CVE-2025-5298
2025-05-28
HIGH
7.3
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown…
CVE-2025-2912
2025-03-28
LOW
3.3
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is…
CVE-2025-2913
2025-03-28
LOW
3.3
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as problematic. Affected by this issue is…
CVE-2024-10720
2025-03-20
MEDIUM
6.1
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability occurs in the 'Device Management' section under…
CVE-2024-10722
2025-03-20
MEDIUM
5.4
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability allows attackers to inject malicious scripts into…
CVE-2024-10723
2025-03-20
MEDIUM
5.4
A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious…
CVE-2024-10724
2025-03-20
MEDIUM
5.4
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NAT translations section when editing…
CVE-2024-10725
2025-03-20
MEDIUM
5.4
A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts…
CVE-2024-10719
2025-03-20
MEDIUM
5.4
A stored cross-site scripting (XSS) vulnerability exists in phpipam version 1.5.2, specifically in the circuits options functionality. This vulnerability allows…
CVE-2025-1813
2025-03-02
MEDIUM
4.3
A vulnerability classified as problematic was found in zj1983 zz up to 2024-08. Affected by this vulnerability is an unknown…
CVE-2025-22212
2025-03-05
LOW
2.7
A SQL injection vulnerability in the Convert Forms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers (administrator) to…
CVE-2025-2120
2025-03-09
LOW
2.1
A vulnerability was found in Thinkware Car Dashcam F800 Pro up to 20250226. It has been rated as problematic. This…
CVE-2025-2121
2025-03-09
MEDIUM
6.3
A vulnerability classified as critical has been found in Thinkware Car Dashcam F800 Pro up to 20250226. Affected is an…
CVE-2024-12964
2024-12-26
HIGH
7.3
A vulnerability was found in 1000 Projects Daily College Class Work Report Book 1.0. It has been classified as critical.…
CVE-2024-43158
2024-11-01
HIGH
7.5
Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masteriyo -…
CVE-2024-43159
2024-11-01
MEDIUM
5.3
Missing Authorization vulnerability in Masteriyo Masteriyo - LMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Masteriyo -…
CVE-2023-50904
2024-12-09
MEDIUM
5.3
Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll…
CVE-2023-45766
2025-01-02
MEDIUM
5.3
Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll…
CVE-2024-12986
2024-12-27
HIGH
7.3
A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and Vigor300B 1.5.1.3/1.5.1.4. This issue affects some…
CVE-2024-56295
2025-01-15
MEDIUM
6.5
Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll…
CVE-2024-12988
2024-12-27
HIGH
7.3
A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is…
CVE-2024-48814
2025-01-03
HIGH
7.5
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive information via the ViewType parameter of the…
CVE-2025-26817
2025-04-03
CRITICAL
9.8
Netwrix Password Secure 9.2.0.32454 allows OS command injection.
CVE-2025-3155
2025-04-03
HIGH
7.4
A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This…
CVE-2024-20076
2024-07-01
HIGH
7.5
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of…
« Anterior
Página 347 de 3516
Siguiente »
Page load link
Go to Top
