Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2024-13189
2025-01-08
HIGH
7.3
A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file…
CVE-2024-20077
2024-07-01
HIGH
7.5
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of…
CVE-2024-20078
2024-07-01
CRITICAL
9.8
In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation…
CVE-2024-20080
2024-07-01
CRITICAL
9.8
In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote…
CVE-2024-13191
2025-01-08
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function upload…
CVE-2024-31403
2024-06-11
MEDIUM
5.4
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote authenticated attacker to alter and/or obtain the data…
CVE-2024-31404
2024-06-11
MEDIUM
4.3
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0, which may allow a user…
CVE-2025-4050
2025-05-05
HIGH
8.8
Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a…
CVE-2025-4051
2025-05-05
MEDIUM
6.3
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to…
CVE-2025-4052
2025-05-05
CRITICAL
9.8
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage…
CVE-2025-4096
2025-05-05
HIGH
8.8
Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption…
CVE-2025-46335
2025-05-05
MEDIUM
5.4
Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored…
CVE-2024-4669
2024-06-11
MEDIUM
6.4
The Events Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Basic Slider, Upcoming Events,…
CVE-2024-0427
2024-06-12
MEDIUM
6.3
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it…
CVE-2025-1909
2025-05-05
CRITICAL
9.8
The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This…
CVE-2025-4359
2025-05-06
HIGH
7.3
A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. Affected by this vulnerability is an unknown…
CVE-2025-4360
2025-05-06
HIGH
7.3
A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue…
CVE-2025-4362
2025-05-06
HIGH
7.3
A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. This vulnerability affects unknown code of the…
CVE-2025-4372
2025-05-06
HIGH
8.8
Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption…
CVE-2023-6487
2024-05-22
MEDIUM
4.4
The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Header Title' field in…
CVE-2024-2119
2024-05-22
MEDIUM
6.1
The LuckyWP Table of Contents plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the attrs parameter in all…
CVE-2024-2953
2024-05-22
MEDIUM
5.5
The LuckyWP Table of Contents plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up…
CVE-2024-35409
2024-05-22
CRITICAL
9.8
WeBid 1.1.2 is vulnerable to SQL Injection via admin/tax.php.
CVE-2024-1805
2024-05-02
MEDIUM
6.4
The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button onclick attribute in all versions up…
CVE-2024-1840
2024-05-02
MEDIUM
6.4
The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Author tag attribute in all versions…
CVE-2024-1841
2024-05-02
MEDIUM
6.4
The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Title tag attribute in all versions…
CVE-2024-1842
2024-05-02
MEDIUM
6.4
The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Heading tag attribute in all versions…
CVE-2024-22871
2024-02-29
HIGH
7.5
An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the…
CVE-2023-50378
2024-03-01
MEDIUM
6.1
Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8 Impact : As it will be…
CVE-2024-27138
2024-03-01
HIGH
7.5
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva. Apache Archiva has a setting to disable user registration,…
CVE-2024-27139
2024-03-01
HIGH
7.5
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker…
CVE-2024-27140
2024-03-01
MEDIUM
5.4
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Archiva. This…
CVE-2024-24766
2024-03-06
MEDIUM
6.2
CasaOS-UserService provides user management functionalities to CasaOS. Starting in version 0.4.4.3 and prior to version 0.4.7, the Casa OS Login…
CVE-2024-5709
2024-08-06
HIGH
8.8
The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including,…
CVE-2024-7082
2024-08-06
MEDIUM
6.1
The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users…
CVE-2024-7084
2024-08-06
MEDIUM
4.8
The Ajax Search Lite WordPress plugin before 4.12.1 does not sanitise and escape some parameters, which could allow users with…
CVE-2024-3973
2024-08-07
MEDIUM
4.8
The House Manager WordPress plugin through 1.0.8.4 does not sanitise and escape a parameter before outputting it back in the…
CVE-2024-6481
2024-08-08
MEDIUM
4.8
The Search & Filter Pro WordPress plugin before 2.5.18 does not sanitise and escape some of its settings, which could…
CVE-2024-7704
2024-08-12
MEDIUM
5.3
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of…
CVE-2025-3242
2025-04-04
MEDIUM
6.3
A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. This vulnerability affects unknown code…
CVE-2025-3211
2025-04-04
MEDIUM
6.3
A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. This affects an unknown part…
CVE-2025-4501
2025-05-10
MEDIUM
5.3
A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum…
CVE-2025-4499
2025-05-10
MEDIUM
5.3
A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the…
CVE-2025-4498
2025-05-10
MEDIUM
5.3
A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. Affected is the function a::install…
CVE-2024-57698
2025-04-29
HIGH
7.5
An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without…
CVE-2025-46560
2025-04-30
MEDIUM
6.5
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.8.0 and prior to 0.8.5…
CVE-2022-47914
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2022-46739
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2022-46736
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2022-46735
2025-05-28
N/A
0.0
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
« Anterior
Página 348 de 3516
Siguiente »
Page load link
Go to Top
