CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2024-37222 | 2024-06-20 | HIGH | 7.1 | Cross Site Scripting (XSS) vulnerability in Averta Master Slider allows Reflected XSS. This issue affects Master Slider: from n/a through 3.10.0. |
| CVE-2020-14796 | 2020-10-21 | LOW | 3.1 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected… |
| CVE-2020-14779 | 2020-10-21 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected… |
| CVE-2020-14781 | 2020-10-21 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supported versions that are affected… |
| CVE-2020-14797 | 2020-10-21 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected… |
| CVE-2020-14782 | 2020-10-21 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected… |
| CVE-2020-14792 | 2020-10-21 | MEDIUM | 4.2 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected… |
| CVE-2020-14803 | 2020-10-21 | MEDIUM | 5.3 | Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE:… |
| CVE-2020-14581 | 2020-07-15 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected… |
| CVE-2020-14577 | 2020-07-15 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected… |
| CVE-2020-14579 | 2020-07-15 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected… |
| CVE-2020-14578 | 2020-07-15 | LOW | 3.7 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected… |
| CVE-2020-14556 | 2020-07-15 | MEDIUM | 4.8 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected… |
| CVE-2025-39412 | 2025-05-19 | MEDIUM | 4.3 | Missing Authorization vulnerability in Averta Master Slider. This issue affects Master Slider: from n/a through 3.10.8. |
| CVE-2020-14621 | 2020-07-15 | MEDIUM | 5.3 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected… |
| CVE-2024-6490 | 2024-07-26 | MEDIUM | 6.5 | During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user… |
| CVE-2023-51147 | 2024-03-26 | HIGH | 8.0 | Buffer Overflow vulnerability in TRENDnet Trendnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via… |
| CVE-2025-44867 | 2025-05-01 | MEDIUM | 6.3 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetNetCheckTools function via the hostName parameter. This… |
| CVE-2023-51148 | 2024-03-26 | HIGH | 8.0 | An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute… |
| CVE-2025-4896 | 2025-05-18 | HIGH | 8.8 | A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is some unknown functionality… |
| CVE-2025-4897 | 2025-05-18 | HIGH | 8.8 | A vulnerability was found in Tenda A15 15.13.07.09/15.13.07.13. It has been classified as critical. This affects an unknown part of… |
| CVE-2025-4903 | 2025-05-19 | MEDIUM | 5.3 | A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This affects the function sub_41F4F0 of… |
| CVE-2025-4904 | 2025-05-19 | MEDIUM | 5.3 | A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. This vulnerability affects the function sub_41F0FC… |
| CVE-2020-14593 | 2020-07-15 | HIGH | 7.4 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected… |
| CVE-2020-14583 | 2020-07-15 | HIGH | 8.3 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected… |
| CVE-2023-40491 | 2024-05-03 | HIGH | 7.8 | Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code… |
| CVE-2024-37644 | 2024-06-14 | HIGH | 8.8 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as… |
| CVE-2024-37641 | 2024-06-14 | HIGH | 8.8 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule |
| CVE-2024-37642 | 2024-06-14 | CRITICAL | 9.1 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability via the ipv4_ping, ipv6_ping parameter at /formSystemCheck. |
| CVE-2024-37643 | 2024-06-14 | HIGH | 8.8 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formPasswordAuth. |
| CVE-2024-37645 | 2024-06-14 | HIGH | 8.8 | TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack overflow vulnerability via the submit-url parameter at /formSysLog. |
| CVE-2024-38902 | 2024-06-24 | CRITICAL | 9.8 | H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in… |
| CVE-2024-31374 | 2024-04-15 | MEDIUM | 4.3 | Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser. This issue affects AppPresser: from n/a through 4.3.0. |
| CVE-2024-38903 | 2024-06-24 | MEDIUM | 4.1 | H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands. |
| CVE-2024-42637 | 2024-08-16 | CRITICAL | 9.8 | H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as… |
| CVE-2025-5100 | 2025-05-23 | HIGH | 8.0 | A double-free condition occurs during the cleanup of temporary image files, which can be exploited to achieve memory corruption and… |
| CVE-2025-26466 | 2025-02-28 | MEDIUM | 5.9 | A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is… |
| CVE-2023-50456 | 2023-12-10 | MEDIUM | 5.3 | An issue was discovered in Zammad before 6.2.0. An attacker can trigger phishing links in generated notification emails via a… |
| CVE-2023-49485 | 2023-12-08 | MEDIUM | 5.4 | JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department. |
| CVE-2023-48928 | 2023-12-08 | MEDIUM | 6.1 | Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Open Redirect. The 'path' parameter of the prefs.asp… |
| CVE-2023-46932 | 2023-12-09 | CRITICAL | 9.8 | Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service… |
| CVE-2023-46494 | 2023-12-08 | MEDIUM | 6.1 | Cross Site Scripting vulnerability in EverShop NPM versions before v.1.0.0-rc.5 allows a remote attacker to obtain sensitive information via a… |
| CVE-2023-48421 | 2023-12-08 | HIGH | 7.8 | In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead… |
| CVE-2023-43743 | 2023-12-08 | HIGH | 8.8 | A SQL injection vulnerability in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10… |
| CVE-2022-40935 | 2022-09-22 | HIGH | 7.2 | Online Pet Shop We App v1.0 is vulnerable to SQL Injection via /pet_shop/classes/Master.php?f=delete_category,id. |
| CVE-2022-40934 | 2022-09-22 | HIGH | 7.2 | Online Pet Shop We App v1.0 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_sub_category,id |
| CVE-2022-40933 | 2022-09-22 | HIGH | 7.2 | Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id. |
| CVE-2022-40932 | 2022-09-22 | HIGH | 7.2 | In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the "gallery"… |
| CVE-2022-40298 | 2022-09-23 | HIGH | 8.8 | Crestron AirMedia for Windows before 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the… |
| CVE-2022-38573 | 2022-09-23 | CRITICAL | 9.8 | 10-Strike Network Inventory Explorer v9.3 was discovered to contain a buffer overflow via the Add Computers function. |