Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2023-32253
2025-08-02
MEDIUM
5.9
A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup…
CVE-2025-23288
2025-08-02
LOW
3.3
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may cause an exposure of sensitive system information…
CVE-2025-23287
2025-08-02
LOW
3.3
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit…
CVE-2025-23286
2025-08-02
MEDIUM
4.4
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful…
CVE-2025-23283
2025-08-02
HIGH
7.8
NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause…
CVE-2025-23281
2025-08-02
HIGH
7.0
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a…
CVE-2025-23279
2025-08-02
HIGH
7.0
NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate…
CVE-2025-23278
2025-08-02
HIGH
7.1
NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by…
CVE-2025-23277
2025-08-02
HIGH
7.3
NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access…
CVE-2025-23276
2025-08-02
HIGH
7.8
NVIDIA Installer for Windows contains a vulnerability where an attacker may be able to escalate privileges. A successful exploit of…
CVE-2025-8471
2025-08-02
HIGH
7.3
A vulnerability, which was classified as critical, has been found in projectworlds Online Admission System 1.0. This issue affects some…
CVE-2025-8470
2025-08-02
HIGH
7.3
A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of…
CVE-2025-8469
2025-08-02
HIGH
7.3
A vulnerability classified as critical has been found in SourceCodester Online Hotel Reservation System 1.0. This affects an unknown part…
CVE-2025-8468
2025-08-02
HIGH
7.3
A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as critical. Affected by this issue is…
CVE-2025-7710
2025-08-02
CRITICAL
9.8
The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including,…
CVE-2025-7500
2025-08-02
MEDIUM
6.4
The Ocean Social Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via social icon titles in all versions…
CVE-2025-8467
2025-08-02
HIGH
7.3
A vulnerability was found in code-projects Wazifa System 1.0. It has been declared as critical. Affected by this vulnerability is…
CVE-2025-8488
2025-08-02
MEDIUM
4.3
The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) plugin for WordPress is vulnerable to unauthorized modification of…
CVE-2025-6722
2025-08-02
MEDIUM
5.3
The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in…
CVE-2025-8466
2025-08-02
HIGH
7.3
A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown…
CVE-2025-8400
2025-08-02
MEDIUM
6.1
The Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0.0…
CVE-2025-8399
2025-08-02
MEDIUM
6.4
The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions…
CVE-2025-8391
2025-08-02
MEDIUM
6.4
The Magic Edge – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘height’ parameter in all…
CVE-2025-6832
2025-08-02
MEDIUM
6.1
The All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier plugin for WordPress is vulnerable…
CVE-2025-8317
2025-08-02
MEDIUM
6.4
The Custom Word Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘angle’ parameter in all versions…
CVE-2025-8212
2025-08-02
MEDIUM
6.4
The Medical Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter widget in…
CVE-2025-8152
2025-08-02
MEDIUM
5.3
The WP CTA – Call To Action Plugin, Sticky CTA, Sticky Buttons plugin for WordPress is vulnerable to unauthorized modification…
CVE-2025-6754
2025-08-02
HIGH
8.8
The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks in both the seo_metrics_handle_connect_button_click()…
CVE-2025-6626
2025-08-02
MEDIUM
4.4
The ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting via…
CVE-2025-4588
2025-08-02
MEDIUM
6.4
The 360 Photo Spheres plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sphere' shortcode in all…
CVE-2025-8146
2025-08-02
MEDIUM
6.4
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget…
CVE-2025-7694
2025-08-02
MEDIUM
6.8
The Woffice Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the…
CVE-2025-6078
2025-08-02
N/A
0.0
Partner Software's Partner Software application and Partner Web application allows an authenticated user to add notes on the 'Notes' page…
CVE-2025-6077
2025-08-02
N/A
0.0
Partner Software's Partner Software Product and corresponding Partner Web application use the same default username and password for the administrator…
CVE-2025-6076
2025-08-02
N/A
0.0
Partner Software's Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an…
CVE-2025-54796
2025-08-02
HIGH
7.5
Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary…
CVE-2025-54790
2025-08-02
N/A
0.0
Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not…
CVE-2025-54789
2025-08-02
N/A
0.0
Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move…
CVE-2025-54782
2025-08-02
N/A
0.0
Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution…
CVE-2025-54781
2025-08-02
LOW
2.8
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version…
CVE-2025-54386
2025-08-02
N/A
0.0
Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a…
CVE-2025-54136
2025-08-02
HIGH
7.2
Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and…
CVE-2025-54133
2025-08-02
N/A
0.0
Cursor is a code editor built for programming with AI. In versions 1.17 through 1.2, there is a UI information…
CVE-2025-54792
2025-08-01
N/A
0.0
LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an…
CVE-2025-54424
2025-08-01
HIGH
8.1
1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server.…
CVE-2025-54132
2025-08-01
MEDIUM
4.4
Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid (which is used to render…
CVE-2025-54131
2025-08-01
MEDIUM
6.4
Cursor is a code editor built for programming with AI. In versions below 1.3, an attacker can bypass the allow…
CVE-2024-13978
2025-08-01
LOW
2.5
A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is…
CVE-2013-10063
2025-08-01
N/A
0.0
A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions
CVE-2013-10062
2025-08-01
N/A
0.0
A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and…
« Anterior
Página 35 de 3394
Siguiente »
Page load link
Go to Top
