CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2022-26424 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-26304 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-26072 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-26056 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-26037 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-37205 | 2022-09-20 | HIGH | 8.8 | JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have… |
| CVE-2022-25909 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-25870 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-25868 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2022-24067 | 2025-05-28 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused |
| CVE-2025-0300 | 2025-01-07 | MEDIUM | 6.3 | A vulnerability classified as critical was found in code-projects Online Book Shop 1.0. Affected by this vulnerability is an unknown… |
| CVE-2025-1845 | 2025-03-03 | MEDIUM | 6.3 | A vulnerability has been found in ESAFENET DSM 3.1.2 and classified as critical. Affected by this vulnerability is the function… |
| CVE-2025-1844 | 2025-03-03 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in ESAFENET CDG 5.6.3.154.205_20250114. Affected is an unknown function of the… |
| CVE-2025-0348 | 2025-01-09 | LOW | 3.5 | A vulnerability was found in CampCodes DepEd Equipment Inventory System 1.0. It has been rated as problematic. This issue affects… |
| CVE-2025-4815 | 2025-05-17 | HIGH | 7.3 | A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this issue is… |
| CVE-2024-41550 | 2024-07-24 | HIGH | 7.2 | CampCodes Supplier Management System v1.0 is vulnerable to SQL injection via Supply_Management_System/admin/view_invoice_items.php?id= . |
| CVE-2025-30281 | 2025-04-08 | CRITICAL | 9.1 | ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary… |
| CVE-2025-1841 | 2025-03-03 | HIGH | 7.3 | A vulnerability classified as critical has been found in ESAFENET CDG 5.6.3.154.205. This affects an unknown part of the file… |
| CVE-2024-51138 | 2025-02-27 | CRITICAL | 9.8 | Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier;… |
| CVE-2024-51139 | 2025-02-27 | CRITICAL | 9.8 | Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832… |
| CVE-2024-25711 | 2024-02-27 | HIGH | 7.5 | diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as… |
| CVE-2023-49493 | 2023-12-07 | MEDIUM | 6.1 | DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the v parameter at selectimages.php. |
| CVE-2023-6512 | 2023-12-06 | MEDIUM | 6.5 | Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the… |
| CVE-2023-49404 | 2023-12-07 | CRITICAL | 9.8 | Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet. |
| CVE-2023-49437 | 2023-12-07 | CRITICAL | 9.8 | Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. |
| CVE-2023-48834 | 2023-12-07 | HIGH | 7.5 | A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. |
| CVE-2023-46307 | 2023-12-07 | HIGH | 7.5 | An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET… |
| CVE-2023-49246 | 2023-12-06 | HIGH | 7.5 | Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2023-40301 | 2023-12-07 | CRITICAL | 9.8 | NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability. |
| CVE-2023-43304 | 2023-12-07 | HIGH | 8.2 | An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the… |
| CVE-2023-45210 | 2023-12-06 | MEDIUM | 4.3 | Pleasanter 1.3.47.0 and earlier contains an improper access control vulnerability, which may allow a remote authenticated attacker to view the… |
| CVE-2023-41835 | 2023-12-05 | HIGH | 7.5 | When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain… |
| CVE-2022-41228 | 2022-09-21 | HIGH | 8.8 | A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to… |
| CVE-2022-41227 | 2022-09-21 | HIGH | 8.8 | A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect… |
| CVE-2022-41226 | 2022-09-21 | CRITICAL | 9.8 | Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE)… |
| CVE-2022-41225 | 2022-09-21 | MEDIUM | 5.4 | Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting… |
| CVE-2022-41224 | 2022-09-21 | MEDIUM | 5.4 | Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons… |
| CVE-2022-41222 | 2022-09-21 | HIGH | 7.0 | mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not… |
| CVE-2022-41218 | 2022-09-21 | MEDIUM | 5.5 | In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. |
| CVE-2022-40357 | 2022-09-20 | CRITICAL | 9.8 | A security issue was discovered in Z-BlogPHP |
| CVE-2022-40009 | 2022-09-20 | CRITICAL | 9.8 | SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c. |
| CVE-2022-40008 | 2022-09-20 | CRITICAL | 9.8 | SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c. |
| CVE-2022-38931 | 2022-09-20 | HIGH | 8.8 | A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make… |
| CVE-2022-38955 | 2022-09-20 | HIGH | 7.5 | An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM… |
| CVE-2022-38178 | 2022-09-21 | HIGH | 7.5 | By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory… |
| CVE-2022-38177 | 2022-09-21 | HIGH | 7.5 | By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory… |
| CVE-2022-38619 | 2022-09-21 | CRITICAL | 9.8 | SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegroups/mcc_group.jsf. |
| CVE-2022-37884 | 2022-09-20 | HIGH | 7.5 | A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific… |
| CVE-2022-37882 | 2022-09-20 | HIGH | 7.2 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying… |
| CVE-2022-35090 | 2022-09-21 | MEDIUM | 5.5 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:. |