CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2022-38177 | 2022-09-21 | HIGH | 7.5 | By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory… |
| CVE-2022-38619 | 2022-09-21 | CRITICAL | 9.8 | SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegroups/mcc_group.jsf. |
| CVE-2022-37884 | 2022-09-20 | HIGH | 7.5 | A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific… |
| CVE-2022-37882 | 2022-09-20 | HIGH | 7.2 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying… |
| CVE-2022-35090 | 2022-09-21 | MEDIUM | 5.5 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:. |
| CVE-2022-37881 | 2022-09-20 | HIGH | 7.2 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying… |
| CVE-2022-37880 | 2022-09-20 | HIGH | 7.2 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying… |
| CVE-2022-37879 | 2022-09-20 | HIGH | 7.2 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying… |
| CVE-2022-37878 | 2022-09-20 | HIGH | 7.2 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying… |
| CVE-2022-37395 | 2022-09-20 | HIGH | 7.5 | A Huawei device has an input verification vulnerability. Successful exploitation of this vulnerability may lead to DoS attacks. Affected product versions… |
| CVE-2022-35089 | 2022-09-21 | MEDIUM | 5.5 | SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf. |
| CVE-2022-35088 | 2022-09-21 | MEDIUM | 5.5 | SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c. |
| CVE-2022-35087 | 2022-09-21 | MEDIUM | 5.5 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c. |
| CVE-2022-35086 | 2022-09-21 | MEDIUM | 5.5 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. |
| CVE-2022-33735 | 2022-09-20 | MEDIUM | 6.5 | There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain… |
| CVE-2022-2906 | 2022-09-21 | HIGH | 7.5 | An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of… |
| CVE-2022-32880 | 2022-09-20 | MEDIUM | 6.5 | This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.5. An app may be… |
| CVE-2022-32802 | 2022-09-20 | HIGH | 7.8 | A logic issue was addressed with improved checks. This issue is fixed in iOS 15.6 and iPadOS 15.6, tvOS 15.6,… |
| CVE-2022-32788 | 2022-09-20 | CRITICAL | 9.8 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6… |
| CVE-2022-30579 | 2022-09-20 | HIGH | 7.1 | The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains… |
| CVE-2022-2881 | 2022-09-21 | MEDIUM | 5.5 | The underlying bug might cause read past end of the buffer and either read memory it should not read, or… |
| CVE-2022-28640 | 2022-09-20 | HIGH | 8.8 | A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability… |
| CVE-2022-26696 | 2022-09-20 | HIGH | 8.8 | This issue was addressed with improved environment sanitization. This issue is fixed in macOS Monterey 12.4. A sandboxed process may… |
| CVE-2022-23696 | 2022-09-20 | HIGH | 8.8 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection… |
| CVE-2022-23693 | 2022-09-20 | HIGH | 8.8 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection… |
| CVE-2022-23692 | 2022-09-20 | HIGH | 8.8 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection… |
| CVE-2021-46835 | 2022-09-20 | MEDIUM | 4.3 | There is a traffic hijacking vulnerability in WS7200-10 11.0.2.13. Successful exploitation of this vulnerability can cause packets to be hijacked… |
| CVE-2021-46834 | 2022-09-20 | MEDIUM | 5.5 | A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the… |
| CVE-2020-36602 | 2022-09-20 | MEDIUM | 6.1 | There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and… |
| CVE-2025-31494 | 2025-04-15 | LOW | 3.5 | AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows.… |
| CVE-2025-3209 | 2025-04-04 | MEDIUM | 6.3 | A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this… |
| CVE-2025-44835 | 2025-05-01 | MEDIUM | 6.3 | D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands… |
| CVE-2025-46566 | 2025-05-01 | CRITICAL | 9.8 | DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.9, authenticated users can complete RCE through the… |
| CVE-2025-4197 | 2025-05-02 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in code-projects Patient Record Management System 1.0. Affected is an unknown function… |
| CVE-2025-3513 | 2025-05-02 | LOW | 3.5 | The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high… |
| CVE-2025-3514 | 2025-05-02 | LOW | 3.5 | The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high… |
| CVE-2025-3136 | 2025-04-03 | LOW | 3.3 | A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of… |
| CVE-2025-3123 | 2025-04-02 | MEDIUM | 4.7 | A vulnerability, which was classified as critical, has been found in WonderCMS 3.5.0. Affected by this issue is the function… |
| CVE-2025-1986 | 2025-04-01 | MEDIUM | 4.1 | The Gutentor WordPress plugin before 3.4.7 does not sanitize and escape a parameter before using it in a SQL statement,… |
| CVE-2025-4250 | 2025-05-04 | HIGH | 7.3 | A vulnerability was found in code-projects Nero Social Networking Site 1.0. It has been classified as critical. This affects an… |
| CVE-2024-29643 | 2025-04-18 | CRITICAL | 9.1 | An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component. |
| CVE-2025-3796 | 2025-04-18 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in PHPGurukul Men Salon Management System 1.0. This affects an unknown part… |
| CVE-2024-13926 | 2025-04-19 | HIGH | 7.5 | The WP-Syntax WordPress plugin through 1.2 does not properly handle input, allowing an attacker to create a post containing a… |
| CVE-2025-25228 | 2025-04-21 | LOW | 3.8 | A SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands… |
| CVE-2025-29446 | 2025-04-21 | LOW | 3.3 | open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection. |
| CVE-2025-28103 | 2025-04-21 | MEDIUM | 6.4 | Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request. |
| CVE-2025-28104 | 2025-04-21 | CRITICAL | 9.1 | Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input. |
| CVE-2025-4114 | 2025-04-30 | HIGH | 8.8 | A vulnerability classified as critical has been found in Netgear JWNR2000v2 1.0.0.11. Affected is the function check_language_file. The manipulation of… |
| CVE-2025-4543 | 2025-05-11 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in LyLme Spage 2.1. This affects an unknown part of the… |
| CVE-2024-12679 | 2025-05-15 | MEDIUM | 4.8 | The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high… |