Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2022-32843
2022-09-23
HIGH
7.1
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS…
CVE-2022-32832
2022-09-23
MEDIUM
6.7
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big…
CVE-2022-32807
2022-09-23
HIGH
7.1
This issue was addressed with improved file handling. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur…
CVE-2022-28722
2022-09-26
CRITICAL
9.8
Certain HP Print Products are potentially vulnerable to Buffer Overflow.
CVE-2022-28979
2022-09-22
MEDIUM
6.1
Liferay Portal v7.1.0 through v7.4.2 and Liferay DXP 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3…
CVE-2022-28802
2022-09-21
CRITICAL
9.9
Code by Zapier before 2022-08-17 allowed intra-account privilege escalation that included execution of Python or JavaScript code. In other words,…
CVE-2022-28721
2022-09-26
CRITICAL
9.8
Certain HP Print Products are potentially vulnerable to Remote Code Execution.
CVE-2025-31250
2025-05-12
MEDIUM
5.5
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app…
CVE-2025-31251
2025-05-12
MEDIUM
5.5
The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5,…
CVE-2025-31253
2025-05-12
HIGH
7.1
This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the…
CVE-2025-31256
2025-05-12
MEDIUM
5.5
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may…
CVE-2025-31257
2025-05-12
MEDIUM
4.7
This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and…
CVE-2025-31258
2025-05-12
MEDIUM
6.5
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may…
CVE-2025-31259
2025-05-12
HIGH
7.8
The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be…
CVE-2025-31260
2025-05-12
MEDIUM
5.5
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.5. An app may be…
CVE-2023-7229
2025-05-15
MEDIUM
5.5
The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which…
CVE-2023-7230
2025-05-15
MEDIUM
6.1
The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with…
CVE-2023-7231
2025-05-15
HIGH
7.3
The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links.
CVE-2024-6718
2025-05-15
MEDIUM
5.4
The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting…
CVE-2024-8090
2025-05-15
MEDIUM
6.1
The JavaScript Logic WordPress plugin through 0.1 does not have CSRF check in some places, and is missing sanitisation as…
CVE-2024-8094
2025-05-15
MEDIUM
6.5
The Ntz Antispam WordPress plugin through 2.0e does not have CSRF check in place when updating its settings, which could…
CVE-2024-8095
2025-05-15
MEDIUM
6.1
The BabelZ WordPress plugin through 1.1.5 does not have CSRF check in some places, and is missing sanitisation as well…
CVE-2024-8187
2025-05-15
MEDIUM
4.8
The Smart Post Show WordPress plugin before 3.0.1 does not sanitise and escape some of its settings, which could allow…
CVE-2024-8426
2025-05-15
MEDIUM
4.8
The Page Builder: Pagelayer WordPress plugin before 1.8.8 does not sanitise and escape some of its settings, which could allow…
CVE-2024-8618
2025-05-15
MEDIUM
4.8
The Page Builder: Pagelayer WordPress plugin before 1.9.0 does not sanitise and escape some of its settings, which could allow…
CVE-2025-4717
2025-05-15
HIGH
7.3
A vulnerability, which was classified as critical, was found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown…
CVE-2025-4725
2025-05-15
HIGH
7.3
A vulnerability, which was classified as critical, was found in itsourcecode Placement Management System 1.0. This affects an unknown part…
CVE-2025-4726
2025-05-15
HIGH
7.3
A vulnerability has been found in itsourcecode Placement Management System 1.0 and classified as critical. This vulnerability affects unknown code…
CVE-2025-4728
2025-05-15
HIGH
7.3
A vulnerability was found in SourceCodester Best Online News Portal 1.0. It has been classified as critical. Affected is an…
CVE-2025-4734
2025-05-16
HIGH
7.3
A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. Affected is an unknown…
CVE-2025-4736
2025-05-16
HIGH
7.3
A vulnerability was found in PHPGurukul Daily Expense Tracker 1.1 and classified as critical. Affected by this issue is some…
CVE-2025-3201
2025-05-16
MEDIUM
5.9
The Contact Form builder with drag & drop for WordPress WordPress plugin before 2.4.3 does not sanitise and escape some…
CVE-2025-4751
2025-05-16
MEDIUM
5.3
A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected is an unknown function of…
CVE-2025-4757
2025-05-16
HIGH
7.3
A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. It has been rated as critical. This issue affects…
CVE-2025-4758
2025-05-16
HIGH
7.3
A vulnerability classified as critical has been found in PHPGurukul Beauty Parlour Management System 1.1. Affected is an unknown function…
CVE-2025-4761
2025-05-16
HIGH
7.3
A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. This vulnerability affects unknown code…
CVE-2025-4765
2025-05-16
HIGH
7.3
A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. Affected is an unknown…
CVE-2025-4766
2025-05-16
HIGH
7.3
A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. Affected by this vulnerability…
CVE-2024-48758
2024-10-16
MEDIUM
6.1
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php…
CVE-2024-48249
2024-10-14
HIGH
7.3
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode.
CVE-2024-46911
2024-10-14
MEDIUM
4.7
Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi-blog/user Roller websites, by default weblog owners are trusted…
CVE-2024-46468
2024-10-11
HIGH
7.5
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress
CVE-2024-47378
2024-10-05
HIGH
7.1
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPCOM WPCOM Member allows Reflected XSS.This…
CVE-2023-26771
2024-10-04
MEDIUM
6.5
Taskcafe 0.3.2 is vulnerable to Cross Site Scripting (XSS). There is a lack of validation in the filetype when uploading…
CVE-2023-26770
2024-10-04
CRITICAL
9.8
TaskCafe 0.3.2 lacks validation in the Cookie value. Any unauthenticated attacker who knows a registered UserID can change the password…
CVE-2025-2872
2025-05-27
N/A
0.0
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-47577. Reason: This candidate is a reservation duplicate…
CVE-2024-55569
2025-05-14
HIGH
7.5
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200,…
CVE-2022-41250
2022-09-21
MEDIUM
6.5
A missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to…
CVE-2022-41249
2022-09-21
HIGH
8.8
A cross-site request forgery (CSRF) vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an…
CVE-2022-41248
2022-09-21
MEDIUM
5.3
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing…
« Anterior
Página 364 de 3517
Siguiente »
Page load link
Go to Top
