Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2022-28980
2022-09-22
MEDIUM
6.1
Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal v7.4.3.4 and Liferay DXP v7.4 GA allows attackers to execute arbitrary web…
CVE-2022-28982
2022-09-22
MEDIUM
6.1
A cross-site scripting (XSS) vulnerability in Liferay Portal v7.3.3 through v7.4.2 and Liferay DXP v7.3 before service pack 3 allows…
CVE-2022-37204
2022-09-20
CRITICAL
9.8
Final CMS 5.1.0 is vulnerable to SQL Injection.
CVE-2022-26873
2022-09-20
HIGH
8.2
A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot…
CVE-2024-38749
2024-08-13
MEDIUM
5.3
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality…
CVE-2024-6460
2024-08-16
CRITICAL
9.8
The Grow by Tradedoubler WordPress plugin through 2.0.21 is vulnerable to Local File Inclusion via the component parameter. This makes…
CVE-2024-42639
2024-08-16
CRITICAL
9.8
H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows attackers to log in as root.
CVE-2024-6459
2024-08-17
CRITICAL
9.8
The News Element Elementor Blog Magazine WordPress plugin before 1.0.6 is vulnerable to Local File Inclusion via the template parameter.…
CVE-2024-43239
2024-08-18
MEDIUM
4.3
Authorization Bypass Through User-Controlled Key vulnerability in Masteriyo Masteriyo - LMS.This issue affects Masteriyo - LMS: from n/a through 1.11.4.
CVE-2025-32952
2025-04-22
MEDIUM
6.5
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to…
CVE-2025-32950
2025-04-22
MEDIUM
6.5
Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to…
CVE-2023-32216
2023-06-19
CRITICAL
9.8
Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs…
CVE-2023-32215
2023-06-02
HIGH
8.8
Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team…
CVE-2023-32212
2023-06-02
MEDIUM
4.3
An attacker could have positioned a `datalist` element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox…
CVE-2022-40444
2022-09-22
MEDIUM
5.3
ZZCMS 2022 was discovered to contain a full path disclosure vulnerability via the page /admin/index.PHP? _server.
CVE-2022-40443
2022-09-22
MEDIUM
5.3
An absolute path traversal vulnerability in ZZCMS 2022 allows attackers to obtain sensitive information via a crafted GET request sent…
CVE-2022-35032
2022-09-22
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.
CVE-2024-57471
2025-01-14
CRITICAL
9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network…
CVE-2024-57479
2025-01-14
CRITICAL
9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update…
CVE-2024-57482
2025-01-14
CRITICAL
9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network…
CVE-2024-57473
2025-01-14
CRITICAL
9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing…
CVE-2024-57480
2025-01-14
CRITICAL
9.8
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function.…
CVE-2025-32979
2025-04-25
MEDIUM
6.5
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.
CVE-2025-32981
2025-04-25
HIGH
7.1
NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.
CVE-2025-32982
2025-04-25
HIGH
7.5
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.
CVE-2025-32983
2025-04-25
HIGH
7.5
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.
CVE-2025-32984
2025-04-25
MEDIUM
6.1
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.
CVE-2025-32985
2025-04-25
CRITICAL
9.8
NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.
CVE-2025-32986
2025-04-25
HIGH
7.5
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.
CVE-2020-6228
2020-04-14
HIGH
7.5
SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under…
CVE-2020-6244
2020-05-12
HIGH
7.8
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a…
CVE-2021-38150
2021-09-14
MEDIUM
6.5
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example…
CVE-2021-2341
2021-07-21
LOW
3.1
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are…
CVE-2023-50900
2024-06-19
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.10.
CVE-2021-2388
2021-07-21
HIGH
7.5
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are…
CVE-2024-32600
2024-04-18
HIGH
8.3
Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5.
CVE-2024-32580
2024-04-18
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects…
CVE-2021-2369
2021-07-21
MEDIUM
4.3
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are…
CVE-2025-44864
2025-05-01
MEDIUM
6.3
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parameter. This…
CVE-2025-44865
2025-05-01
MEDIUM
6.3
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parameter. This…
CVE-2025-44866
2025-05-01
MEDIUM
6.3
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level parameter. This…
CVE-2020-14798
2020-10-21
LOW
3.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected…
CVE-2024-37222
2024-06-20
HIGH
7.1
Cross Site Scripting (XSS) vulnerability in Averta Master Slider allows Reflected XSS.This issue affects Master Slider: from n/a through 3.10.0.
CVE-2020-14796
2020-10-21
LOW
3.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected…
CVE-2020-14779
2020-10-21
LOW
3.7
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected…
CVE-2020-14781
2020-10-21
LOW
3.7
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected…
CVE-2020-14797
2020-10-21
LOW
3.7
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected…
CVE-2020-14782
2020-10-21
LOW
3.7
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected…
CVE-2020-14792
2020-10-21
MEDIUM
4.2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected…
CVE-2020-14803
2020-10-21
MEDIUM
5.3
Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE:…
« Anterior
Página 366 de 3517
Siguiente »
Page load link
Go to Top
