CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2024-47090 | 2025-05-27 | N/A | 0.0 | Improper neutralization of input in Nagvis before version 1.9.47 which can lead to XSS |
| CVE-2024-38866 | 2025-05-27 | N/A | 0.0 | Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection |
| CVE-2025-5232 | 2025-05-27 | MEDIUM | 4.7 | A vulnerability, which was classified as critical, has been found in PHPGurukul Student Study Center Management System 1.0. This issue… |
| CVE-2025-5231 | 2025-05-27 | HIGH | 7.3 | A vulnerability classified as critical was found in PHPGurukul Company Visitor Management System 1.0. This vulnerability affects unknown code of… |
| CVE-2025-48382 | 2025-05-27 | N/A | 0.0 | Fess is a deployable Enterprise Search Server. Prior to version 14.19.2, the createTempFile() method in org.codelibs.fess.helper.SystemHelper creates temporary files without… |
| CVE-2025-48054 | 2025-05-27 | N/A | 0.0 | Radashi is a TypeScript utility toolkit. Prior to version 12.5.1, the set function within the Radashi library is vulnerable to… |
| CVE-2025-5230 | 2025-05-27 | HIGH | 7.3 | A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part… |
| CVE-2025-5228 | 2025-05-27 | HIGH | 8.8 | A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function… |
| CVE-2025-5227 | 2025-05-27 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of… |
| CVE-2025-48828 | 2025-05-27 | CRITICAL | 9.0 | Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By… |
| CVE-2025-48827 | 2025-05-27 | CRITICAL | 10.0 | vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on… |
| CVE-2025-26211 | 2025-05-27 | LOW | 3.7 | Gibbon before 29.0.00 allows CSRF. |
| CVE-2025-5226 | 2025-05-27 | HIGH | 7.3 | A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of… |
| CVE-2025-5221 | 2025-05-27 | HIGH | 7.3 | A vulnerability was found in FreeFloat FTP Server 1.0.0. It has been classified as critical. This affects an unknown part… |
| CVE-2025-4683 | 2025-05-27 | MEDIUM | 4.3 | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to unauthorized… |
| CVE-2025-4682 | 2025-05-27 | MEDIUM | 6.4 | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting… |
| CVE-2025-48744 | 2025-05-27 | MEDIUM | 6.4 | In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution. |
| CVE-2025-48743 | 2025-05-27 | MEDIUM | 5.3 | SIGB PMB before 8.0.1.2 allows SQL injection. |
| CVE-2025-5220 | 2025-05-27 | HIGH | 7.3 | A vulnerability was found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this issue is some unknown… |
| CVE-2025-33079 | 2025-05-27 | MEDIUM | 6.5 | IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently… |
| CVE-2025-5219 | 2025-05-27 | HIGH | 7.3 | A vulnerability has been found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this vulnerability is an… |
| CVE-2025-5218 | 2025-05-27 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.0. Affected is an unknown function of… |
| CVE-2025-5217 | 2025-05-27 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.0. This issue affects some unknown… |
| CVE-2025-5216 | 2025-05-27 | HIGH | 7.3 | A vulnerability classified as critical was found in PHPGurukul Student Record System 3.20. This vulnerability affects unknown code of the… |
| CVE-2025-5214 | 2025-05-27 | HIGH | 7.3 | A vulnerability was found in Kashipara Responsive Online Learing Platform 1.0. It has been rated as critical. Affected by this… |
| CVE-2025-5213 | 2025-05-27 | HIGH | 7.3 | A vulnerability was found in projectworlds Responsive E-Learning System 1.0. It has been declared as critical. Affected by this vulnerability… |
| CVE-2025-4783 | 2025-05-27 | MEDIUM | 6.4 | The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of the… |
| CVE-2025-5212 | 2025-05-26 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Employee Record Management System 1.3. It has been classified as critical. Affected is an… |
| CVE-2025-5211 | 2025-05-26 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This issue affects some unknown… |
| CVE-2025-5210 | 2025-05-26 | HIGH | 7.3 | A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown… |
| CVE-2025-5208 | 2025-05-26 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in SourceCodester Online Hospital Management System 1.0. This affects an unknown… |
| CVE-2025-5207 | 2025-05-26 | MEDIUM | 4.7 | A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. Affected by this… |
| CVE-2025-5206 | 2025-05-26 | MEDIUM | 4.7 | A vulnerability classified as critical was found in Pixelimity 1.0. Affected by this vulnerability is an unknown functionality of the… |
| CVE-2025-46802 | 2025-05-26 | MEDIUM | 6.0 | For a short time they PTY is set to mode 666, allowing any user on the system to connect to… |
| CVE-2025-23395 | 2025-05-26 | HIGH | 7.8 | Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This… |
| CVE-2025-23394 | 2025-05-26 | CRITICAL | 9.8 | A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root. This issue affects openSUSE… |
| CVE-2025-23392 | 2025-05-26 | MEDIUM | 5.2 | A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary… |
| CVE-2025-46803 | 2025-05-26 | MEDIUM | 5.0 | The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to… |
| CVE-2025-46805 | 2025-05-26 | MEDIUM | 5.5 | Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged… |
| CVE-2025-46804 | 2025-05-26 | LOW | 3.3 | A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that… |
| CVE-2025-39498 | 2025-05-26 | MEDIUM | 5.3 | Insertion of Sensitive Information Into Sent Data vulnerability in Spotlight Spotlight - Social Media Feeds (Premium) allows Retrieve Embedded Sensitive… |
| CVE-2025-5185 | 2025-05-26 | MEDIUM | 4.3 | A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been declared as… |
| CVE-2025-40667 | 2025-05-26 | N/A | 0.0 | Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to access any functionality of the application even… |
| CVE-2025-40666 | 2025-05-26 | N/A | 0.0 | Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases… |
| CVE-2025-40665 | 2025-05-26 | N/A | 0.0 | Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases… |
| CVE-2025-40664 | 2025-05-26 | N/A | 0.0 | Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestionUser.aspx/GetData, /frmGestionUser.aspx/updateUser and /frmGestionUser.aspx/DeleteUser. |
| CVE-2025-40663 | 2025-05-26 | N/A | 0.0 | Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos version 23.02.01.17, from i2A. It allows an authenticated attacker to upload a malicious… |
| CVE-2025-40653 | 2025-05-26 | N/A | 0.0 | User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages… |
| CVE-2025-40652 | 2025-05-26 | N/A | 0.0 | Stored Cross-Site Scripting (XSS) vulnerability in the CoverManager booking software. This allows an attacker to inject malicious scripts into the… |
| CVE-2025-40650 | 2025-05-26 | N/A | 0.0 | Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student report… |